Wednesday, January 12, 2011

Malware Analysis Through REMnux

REMnux is one of the best tools for malware reverse engineering. It has been designed as an indispensable tool for reverse engineering malware code and signatures. The release is an important upgrade over traditional malware analysis practices, as it covers memory analysis and memory forensics as well.

REMnux can be downloaded as a VMware virtual appliance archive and also as an ISO image of a Live CD.

According to Praveen Dalal, CEO of the exclusive Cyber Security Research and Training Centre of India (CSRTCI), most sophisticated modern-day malware operates in memory alone, and the minute you switch off the computer its traces are gone. REMnux allows you to analyse these malware signatures in a virtual environment, opines Praveen Dalal.

This gives a chance to analyse malware code operating in memory. These days live forensics has assumed great importance. The traditional dead forensics concepts must be supplemented with live forensics, where volatile data must be collected while the system is still on, suggests Praveen Dalal.

To provide basic-level training in malware analysis and cyber forensics, Perry4Law Techno Legal Base (PTLB) has been providing exclusive techno-legal training in fields like cyber law, cyber security, cyber forensics, etc. Very soon we may get good techno-legal training from PTLB exclusively for malware reverse engineering as well.

REMnux is also an essential tool of the exclusive cyber forensics software repository of India and the cyber security software repository of India maintained by PTLB.