Mandiant Redline


Version: 1.5
Size: 35.95MB
Category: Security
Requirements: No special requirements
Seller: Mandiant
Price: Free
System: Windows 7/Vista/XP
Rating: 4.5
License: Freeware

Description - Mandiant Redline

Redline is Mandiant’s free tool for investigating hosts for signs of malicious activity through memory and file analysis, and subsequently developing a threat assessment profile. It provides several benefits:

Rapid Triage
When confronted with a potentially compromised host, responders must first assess whether the system has active malware. Without installing software or disrupting the current state of the host, Redline thoroughly audits all currently running processes and drivers on the system for a quick analysis; for a detailed analysis, it also collects the entire file structure, network state, and system memory.

Reveals Hidden Malware
The Redline Portable Agent can collect and analyze a complete memory image, working below the level at which kernel rootkits and other malware-hiding techniques operate. Many hiding techniques become extremely obvious when examined at the physical memory level, making memory analysis a powerful tool for finding malware. It also reveals “memory only” malware that is not present on disk.

Works with Mandiant Intelligent Response
Combined with MIR, Redline is a powerful tool for accelerated live response. Here’s a typical case:

- IDS or other system detects suspicious activity on a host
- From MIR, an investigator launches a remote live response script
- The MIR Agent running on the host captures and analyzes memory locally, streaming back a small XML audit that downloads in minutes rather than hours
- From MIR, the user can open the audit directly in Redline
- Using Redline, the investigator quickly identifies a malicious process and writes an IOC describing the forensic attributes found in Redline
- Using MIR and MCIC, the investigator is quickly able to sweep for that IOC and discover all other systems on the network with the same (or similar) malware running.

And more...
