OK, where to start... Thank you Bugbear and Matt for the links. I really do appreciate it. This has really been quite the rabbit hole for me. I thought I would blog about it in the future, but now it's looking as if that would be a rather larger entry. Nevertheless, I am keeping notes and links and hope to document my journey into this topic in the future. Unlike Ligaat, I will cite all sources and give credit where credit is due. (For some strange reason iTunes has yet to approve my critique of their iPhone app.) /me Shrugs.
Believe it or not, this interest all started with an article in 2600 about win32dd, in conjunction with reading Kingpin in two days and thinking, why didn't he just hang the extension cords on the door to kill the power? But I'm sure he has thought of that by now. Then Apple Thunderbolt concerns on several podcasts, and to top it off, finding out ironically that none other than HBGary makes a pretty cool little dd tool. (Say that in one breath.) So I have to figure out the inner workings of this process.

Anyhow, again I want to say thanks, because this has given me a bit of focus due to my lack of Ritalin and over 200 open tabs, and I'm like, F, where do I start. So "Windows Forensic Analysis DVD Toolkit 2nd edition" has made it to my beloved Kindle (yes, I fregin love the thing) as I type, and I'm highly interested in the hands-on participation from http://honeynet.org/challenges/2011_7_compromised_server, and all other pages mentioned have been downed and imported to Kindle also. Honestly, I would sweep and mop the floors for a pittance to hang around people that do this stuff. But I digress. I may not be able to spray liquid nitrogen on some RAM sticks or afford 700.00 USB drives, but I have a new book to read, so I'm WINNING! Thank you.
Frank

On Tue, Mar 8, 2011 at 9:38 AM, Matt Erasmus <[email protected]> wrote:
> Howdy
>
> While it's not directly related to your query you may find these posts
> interesting:
>
> http://lorgor.blogspot.com/2010/11/volatility-mem-forensics-iiiusing.html
> http://lorgor.blogspot.com/2010/11/volatility-memory-forensics-iiusing.html
>
> http://dfsforensics.blogspot.com/2011/03/bringing-linux-support-to-volatility.html
>
> There were a couple of interesting posts from SANS on the OS X side of
> things here:
>
> http://computer-forensics.sans.org/blog/2011/02/04/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-2
>
> http://computer-forensics.sans.org/blog/2011/01/28/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-1
>
> And the latest challenge from the HoneyNet project will give you ample
> chances to practice..
>
> http://honeynet.org/challenges/2011_7_compromised_server
>
> As for books, I'm still looking myself. Mostly I just read blog posts and
> try and practice as much as I can.
>
> I hope this helps...
>
> Matt Erasmus // <[email protected]> // @mattdoterasmus
>
> (keep calm and carry on)
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>

--
The only good is knowledge and the only evil is ignorance. Socrates
