http://mirror.codeplex.com/Wiki/View.aspx?title=Homemirror Wiki Rss Descriptionhttp://mirror.codeplex.com/wikipage?version=6<div class="wikidoc"><b>STATUS</b><br />While more attention is now being spent on Bryan&#39;s <a href="http://confessor.codeplex.com/" class="externalLink">Confessor<span class="externalLinkIcon"></span></a> development, we&#39;ve benefited from Jon Mark Allen&#39;s (ubahmapk) many contributions, giving MIR-ROR some much needed attention. Please feel free to submit via Issue Tracker and we&#39;ll review potential updates for future releases. <br /><br /><b>Project Description</b><br />MIR-ROR&#58; Motile Incident Response &#8211; Respond Objectively, Remediate <br />MIR-ROR is a security incident response specialized, command-line script that calls specific Windows Sysinternals tools, as well as some other useful utilities, to provide live capture data for investigation.<br /><br />You can easily enhance MIR-ROR to your liking with whatever command line tools you find useful. <br />For incident response resource, we’ve found it indispensable.<br />Windows Systinternals licensing prevents us from bundling the tools in a distribution package; you’ll have to retrieve them. <br /><a href="http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx" class="externalLink">Download<span class="externalLinkIcon"></span></a> the complete Sysinternals Suite and unpack in a preferred directory on your system, then move the necessary tools listed in <i>fetch.txt</i> to a directory you create: <i>C:\tools\MIR-ROR</i>.<br /><br />You can read the complete ISSA Journal article, <b>MIR-ROR: Motile Incident Response – Respond Objectively, Remediate</b>, <a href="http://holisticinfosec.org/content/view/12/26/" class="externalLink">here<span class="externalLinkIcon"></span></a><br /><br />Feel free to offer feedback; we hope this tool serves you well.<br /><br />Russ McRee<br />Troy Larson<br />Jon Mark Allen</div><div class="ClearBoth"></div>RussMcReeThu, 22 Mar 2012 06:24:29 GMTUpdated Wiki: Home 20120322062429Ahttp://mirror.codeplex.com/wikipage?version=5<div class="wikidoc"><b>STATUS</b><br />While more attention is now being spent on Bryan&#39;s <a href="http://confessor.codeplex.com/" class="externalLink">Confessor<span class="externalLinkIcon"></span></a> development, we&#39;ve benefitted from Jon Mark Allen&#39;s (ubahmapk) contribution, giving MIR-ROR some much needed attention. Please feel free to submit via Issue Tracker and we&#39;ll review potential updates for future releases. <br /><br /><b>Project Description</b><br />MIR-ROR&#58; Motile Incident Response &#8211; Respond Objectively, Remediate MIR-ROR is a security incident response specialized, command-line script that calls specific Windows Sysinternals tools, as well as some other useful tools, to provide live capture data for investigation.<br /><br />You can easily enhance MIR-ROR to your liking with whatever command line tools you find useful. <br />For incident response resource, we’ve found it indispensable.<br />Windows Systinternals licensing prevents us from bundling the tools in a distribution package; you’ll have to retrieve them. <br /><a href="http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx" class="externalLink">Download<span class="externalLinkIcon"></span></a> the complete Sysinternals Suite and unpack in a preferred directory on your system, then move the necessary tools listed in <i>fetch.txt</i> to a directory you create: <i>C:\tools\MIR-ROR</i>.<br /><br />You can read the complete ISSA Journal article, <b>MIR-ROR: Motile Incident Response – Respond Objectively, Remediate</b>, <a href="http://holisticinfosec.org/content/view/12/26/" class="externalLink">here<span class="externalLinkIcon"></span></a><br /><br />Feel free to offer feedback; we hope this tool serves you well.<br /><br />Russ McRee<br />Troy Larson<br />Jon Mark Allen</div><div class="ClearBoth"></div>RussMcReeThu, 22 Mar 2012 06:09:02 GMTUpdated Wiki: Home 20120322060902Ahttp://mirror.codeplex.com/wikipage?version=4<div class="wikidoc"><b>STATUS</b><br />Most of our attention is now being spent on Bryan&#39;s <a href="http://confessor.codeplex.com/" class="externalLink">Confessor<span class="externalLinkIcon"></span></a> development, but I&#39;ll continue to give MIR-ROR some attention. I&#39;ve been neglegent is issues submitted via Issue Tracker (thanks ubahmapk) and will integrate said updates for a release shortly, <br /><br /><b>Project Description</b><br />MIR-ROR&#58; Motile Incident Response &#8211; Respond Objectively, Remediate MIR-ROR is a security incident response specialized, command-line script that calls specific Windows Sysinternals tools, as well as some other useful tools, to provide live capture data for investigation.<br /><br />You can easily enhance MIR-ROR to your liking with whatever command line tools you find useful. <br />For incident response resource, we’ve found it indispensable.<br />Windows Systinternals licensing prevents us from bundling the tools in a distribution package; you’ll have to retrieve them. <br /><a href="http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx" class="externalLink">Download<span class="externalLinkIcon"></span></a> the complete Sysinternals Suite and unpack in a preferred directory on your system, then move the necessary tools listed in <i>fetch.txt</i> to a directory you create: <i>C:\tools\MIR-ROR</i>.<br /><br />You can read the complete ISSA Journal article, <b>MIR-ROR: Motile Incident Response – Respond Objectively, Remediate</b>, <a href="http://holisticinfosec.org/content/view/12/26/" class="externalLink">here<span class="externalLinkIcon"></span></a><br /><br />Feel free to offer feedback; we hope this tool serves you well.<br /><br />Russ McRee<br />Troy Larson</div><div class="ClearBoth"></div>RussMcReeTue, 27 Dec 2011 21:04:59 GMTUpdated Wiki: Home 20111227090459P