Results 1 to 8 of 8

Thread: Forensic Discovery by Dan Farmer and Wietse Venema

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323

    Forensic Discovery by Dan Farmer and Wietse Venema

    Just a quick FYI for those unaware, this has been released and I picked it up recently -- like today! . Given who the authors are it looks interesting and I have high expectations. Additionally, this isn't just about theory but also hands-on labs for those learning. It is heavily oriented towards the *nix environment, with a lot of the hands-on samples from Linux.


    For those unaware Dan Farmer and Wietse Venema are probably most well-known for the creation of SATAN (which has been used as a basis for SAINT, SARA and other vulnerability scanners)and The Coroner's Toolkit.

    Dan Farmer's Website

    Wietse Venema's Website
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Cool! :P Yet one more damn book I need to read when I could be rubbing out the competition for the Vercetti Gang in Vice City.

    I haven't finished (or really started) Incident Response, Drive-By WiFi, haven't even cracked the cover of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.

    Damnit. Ignorance is bliss.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Damnit. Ignorance is bliss.
    Naw... Knowledge is bliss. Ignorance is just damn cheaper.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    I'm damned happy about the things I "don't know"!!! But if I *know* I don't know them, they I am driven to work at it until I feel like I know them...even if I don't...

    Reminds me of that .sig one of the other members has...it's a link to a psych paper/article...Ignorant and Unaware of it! What a happy place to live.

    *sigh* doomed with intellect. Coming down from the trees was indeed a bad move.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #5
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    "Farmer and Venema do for digital archaeology what Indiana Jones did for historical archaeology.."
    --Richard Bejtlich, technical director, ManTech CFIA, and author of The Tao of Network Security Monitoring


    Heh.. Synonymously Analogously Put....
    Looks like a good read, I will have to put this on my wish list....
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  6. #6
    Senior Member
    Join Date
    Jan 2005
    Posts
    128
    I use to love reading books. In yr 6 i read like 40 books (also when i got into computers, programming in qbasic), but as time went on, i lost interest in sci-fi books etc etc.

    Until recently, i bought a couple books about Business, one by Donald J Trump.

    Anyway, now i cant get enough of books again. Especially computer related (btw, added Forensic Discovery to the list).

    Cheers Ms Mittens
    http://sfx-images.mozilla.org/affili...88x31/take.gif
    If You\'ve Done Something Right. People Wont Know You\'ve Done Anything At All - God (futurama)

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Just got this on Full Disclosure (I'll still read the book anyways):

    Source: http://hert.org/story.php/58

    After reading the review of Dan Farmer and Wietse's Forensic Discovery, you should hear about The Grugq who got fired from @stake after writing a Phrack Article in which he exposed numerous flaws in The Coroner's Toolkit by Dan & Wietse.

    Before you read this book, check out the video (bittorrent) of The Grugq on The Art of Defiling and see how to defeat "industry grade" forensic tools and techniques .

    You can also meet him at a hacker convention near you (in March at BCS2005 in Jakarta, in April at Black Hat in S'pore and Amsterdam and at HITB2005 Bahrain.

    Video of the Grugq's Speech, The Art of Defiling: http://www.hert.org/z/grugq.torrent (Courtesy of HITB2004)

    Presentation Slides: http://packetstormsecurity.com/hitb04/hitb04-grugq.pdf (from HITB2004)

    Phrack article: http://www.phrack.org/show.php?p=59&a=6 (Phrack 59)

    Grugq's Profile: http://www.bellua.com/bcs2005/asia05...ers.html#grugq

    The Grugq has been researching anti-forensics for almost 5 years. He has presented
    to the UK's largest forensic practitioner group where he scared Scotland Yard. Grugq has worked to secure the networks and hosts of global corporations, and he's also worked for security consulting companies. His work as a security consultant was cut short temporarily following the publication of an article on anti-forensics.

    P.S. Is it illegal to talk about anti-forensics under the Patriot Act?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    You can actually buy the book.. at WalMart ...

    LINK
    Dyn/Gnosis ~ Powerful/Knowledge
    www.Dyngnosis.com
    Tutorials - Site Penetration Logs - (TheCommunity)Forums - Toolss

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •