search

ksanchezcld / volatility

Automatically exported from code.google.com/p/volatility
GNU General Public License v2.0
1 stars 0 forks source link

pool scanner constraint analysis #263

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Now that we can have profile specific scanners (Issue #113) and can properly 
set pool type checks for Vista/2008/7 (Issue #2357), it would be good to do 
some analysis and see which current scanners (if any) produce FPs that can be 
avoided. Is the CheckPoolSize tailored for XP 86 too small for Win7 x64? Etc. 

I'm setting this low priority enhancement because I think we'd know if any 
scanner is producing too many FPs, but at the same time I think we could 
benefit from researching the strength of current constraints versus potential 
strength after implementing some of this new (or fixed) capabilities.

Original issue reported on code.google.com by michael.hale@gmail.com on 22 May 2012 at 1:57

GoogleCodeExporter commented 9 years ago 
Oops, that's supposed to say Issue #257 not 2357. Getting a little ahead ;-0

Original comment by michael.hale@gmail.com on 22 May 2012 at 1:58

GoogleCodeExporter commented 9 years ago

Original comment by michael.hale@gmail.com on 1 Feb 2013 at 4:47