search

Cloudxtreme / volatility

Automatically exported from code.google.com/p/volatility
0 stars 0 forks source link

Create profiles for Win 2008 R2 #221

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
Just a quick reminder that we should make some profiles for Windows 2008 R2.  
They should be identical to some existing profiles (most likely Win7), but best 
to check which before we mock up a patch...

Original issue reported on code.google.com by mike.auty@gmail.com on 26 Feb 2012 at 11:33

GoogleCodeExporter commented 8 years ago 
So Jamie suggests it's just Win7 x64, and as such I've produced a patch.  If it 
looks ok, I'll add it in a couple of days...  5:)

Original comment by mike.auty@gmail.com on 26 Feb 2012 at 11:46

Attachments:

GoogleCodeExporter commented 8 years ago 
Looks good to me :-)

I had actually thought to suggest this change when I realized that Windows 2008 
R2 x64 vtypes were exactly the same as Windows 7 x64 vtypes and that there 
might be confusion since there are two different Windows 2008 x64 Servers.

Original comment by jamie.l...@gmail.com on 27 Feb 2012 at 4:20

GoogleCodeExporter commented 8 years ago 
No problem...can you remember to update the FAQ with the new profile info?

Original comment by michael.hale@gmail.com on 28 Feb 2012 at 12:02

GoogleCodeExporter commented 8 years ago 
Hmmm, the FAQ (and the wiki as a whole) doesn't mention anything about 64-bit 
profiles yet, so I haven't made any changes to it.  The Win2K8R2 profiles 
should get added when the 64-bit changes are documented.  Hope that's ok?

Original comment by mike.auty@gmail.com on 29 Feb 2012 at 9:01

GoogleCodeExporter commented 8 years ago 
Yeah, I wasn't sure if we should mention the x64 stuff on the wiki yet since 
there isn't an "official" release that supports it yet... but then we do have 
other items that mention it in our wikis so maybe we should...?  any thoughts?

Original comment by jamie.l...@gmail.com on 29 Feb 2012 at 9:07

GoogleCodeExporter commented 8 years ago 
Hmmmm, may be worth having a Dev copy of each page (so DevBasicUsage, etc), 
that can be kept more up-to-date (but may not be valid up to the minute), and 
then when we release we can just copy them over to non Dev versions?

The downside is that's twice as many pages to look after, and I know that it's 
mostly you and MHL that look after the wiki, so I wouldn't want to do that to 
you.  5:(

I guess it kinda depends on how long it will take for the next release?

Original comment by mike.auty@gmail.com on 29 Feb 2012 at 9:33