PaulDotCom mailing list archives
Re: Books suggestions for Memory Imaging Tools???
From: Frank Forrester <forrester.frank () gmail com>
Date: Wed, 9 Mar 2011 06:15:35 -0600
OK, where to start... Thank you Bugbear and Matt for the links. I really do appreciate it. This has really been quite the rabbit hole for me. I thought I would blog about it in the future, but now it's looking as if that would be a rather large entry. Nevertheless, I am keeping notes and links and hope to document my journey into this topic in the future. Unlike Ligaat I will cite all sources and give credit where credit is due. (For some strange reason iTunes has yet to approve my critique of their iPhone app.) /me shrugs.

Believe it or not, this interest all started with an article in 2600 about win32dd, in conjunction with reading Kingpin in two days and thinking: why didn't he just hang the extension cords on the door to kill the power? But I'm sure he has thought of that by now. Then Apple Thunderbolt concerns on several podcasts, and to top it off, finding out, ironically, that none other than HBGary makes a pretty cool little dd tool. (Say that in one breath.) So I have to figure out the inner workings of this process.

Anyhow, again I want to say thanks, because this has given me a bit of focus, due to my lack of Ritalin and over 200 open tabs, and I'm like, F, where do I start.

So "Windows Forensic Analysis DVD Toolkit 2nd edition" has made it to my beloved Kindle (yes, I freakin' love the thing) as I type, and I'm highly interested in the hands-on participation from http://honeynet.org/challenges/2011_7_compromised_server and all other pages mentioned have been downloaded and imported to Kindle also. Honestly, I would sweep and mop the floors for a pittance to hang around people that do this stuff. But I digress. I may not be able to spray liquid nitrogen on some RAM sticks or afford 700.00 USB drives, but I have a new book to read, so I'm WINNING!

Thank you.

Frank

On Tue, Mar 8, 2011 at 9:38 AM, Matt Erasmus <matt.erasmus () gmail com> wrote:
Howdy

While it's not directly related to your query you may find these posts interesting:

http://lorgor.blogspot.com/2010/11/volatility-mem-forensics-iiiusing.html
http://lorgor.blogspot.com/2010/11/volatility-memory-forensics-iiusing.html
http://dfsforensics.blogspot.com/2011/03/bringing-linux-support-to-volatility.html

There were a couple of interesting posts from SANS on the OS X side of things here:

http://computer-forensics.sans.org/blog/2011/02/04/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-2
http://computer-forensics.sans.org/blog/2011/01/28/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-1

And the latest challenge from the HoneyNet project will give you ample chances to practice..

http://honeynet.org/challenges/2011_7_compromised_server

As for books, I'm still looking myself. Mostly I just read blog posts and try and practice as much as I can.

I hope this helps...

Matt Erasmus // <matt.erasmus () gmail com> // @mattdoterasmus
(keep calm and carry on)

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
-- The only good is knowledge and the only evil is ignorance. Socrates
Current thread:
- Books suggestions for Memory Imaging Tools??? Frank Forrester (Mar 08)
- Re: Books suggestions for Memory Imaging Tools??? Bugbear (Mar 08)
- Re: Books suggestions for Memory Imaging Tools??? Matt Erasmus (Mar 08)
- Re: Books suggestions for Memory Imaging Tools??? Frank Forrester (Mar 09)