Open Source Security Tools : Practical Guide to Security Applications part 41. Few frontline system administrators can afford to spend all day worrying about security. But in this age of widespread virus infections, worms, and digital attacks, no one can afford to neglect network defenses. Written with the harried IT manager in mind, Open Source Security Tools is a practical, hands-on introduction to open source security tools. | Page 379 Friday June 25 2004 12 33 AM Making Copies of Forensic Evidence 379 share Printer3 - Acrobat Distiller share Printer2 - Acrobat PDFWriter User Administrator Built-in account for administering the computer domain Admin is TONYVPRDESKTOP Administrator User Howlett User Guest Built-in account for guest access to the computer domain User HelpAssistant Remote Desktop Help Assistant Account Account for Providing Remote Assistance User SUPPORT_388945a0 CN Microsoft Corporation L Redmond S Washington C US This is a vendor s account for the Help and Support Service User Tony Howlett In this listing you can see two users you don t normally see in the User Accounts section on your Windows system the HelpAssistant and SUPPORT users. These are systemlevel users for internal programs the Remote assistance features and the annoying Notify Support feature that pops up every time a program bombs out . Other hidden users concealed by a skilled intruder could be revealed using this tool. This chapter is not meant to be a comprehensive listing of all possible forensic tools but these tools should give you enough to get started with basic forensic activity on just about any system. If you are doing this as a career or have an involved investigation there are many other tools available. For a good listing of open source forensic tools visit . Page 380 Friday June 25 2004 12 33 AM Page 381 Tuesday June 29 2004 3 19 PM Chapter 12 More on Open Source Software You know now how to keep your data safe inside and outside your network and how to detect and investigate attacks on your systems and networks. This book has reviewed dozens of open source security tools covering just about every aspect of information security. However this just scratches the surface of what is available. For each category I tried to pick the best tool in my opinion to showcase but there were often scores of others to choose from. In