Export to

• Google Calendar
• iCalendar file
• hCalendar markup
  <div class="vevent h-event"> <h1 class="summary p-name">Portland Linux/Unix Group: Intro to Digital Forensics</h1> <div class='date'><time class="dtstart dt-start" title="2009-02-05T19:00:00" datetime="2009-02-05T19:00:00">Thursday, February 5, 2009 from 7</time>–<time class="dtend dt-end" title="2009-02-05T21:00:00" datetime="2009-02-05T21:00:00">9pm</time></div> <div class="location vcard p-location h-card"> <a class="url" href='http://calagator.org/venues/202391953'><span class='fn org p-name'>Portland State University FAB, Room 86-09</span></a> <div class="adr p-adr h-adr"> <div class="street-address p-street-address">1900 SW Fourth Avenue</div> <span class="locality p-locality">Portland</span> , <span class="region p-region">Oregon</span> <span class="postal-code p-postal-code">97201</span> <div class="country-name p-country-name">US</div> (<a href='https://maps.google.com/maps?q=1900%20SW%20Fourth%20Avenue,%20Portland%20Oregon%2097201%20US'>map</a>) </div> </div> <div class="description p-description"> <pre><code> PRESENTATION Intro to Digital Forensics (aka Groveling Through File Systems) by Hal Pomeranz Deer Run Associates </code></pre> <p> While it may not be as sexy as they make it look on TV, there are a number of powerful Open Source tools available for analyzing file systems and recovering data-- even data that may have been deleted by the attacker. This talk will start with an overview of the standard Unix file system architecture and discuss tools for imaging file systems, suggest a few useful tools and idioms for finding clues in your images, and cover how to discover "interesting" data from deleted files and re-assemble that data into an actual file image.</p> <p> Hal Pomeranz is the founder and technical lead of Deer Run Associates, and has been active in the system and network management/security field for over twenty years. As a senior member of the Faculty for the SANS Institute, Hal developed the SANS "Step-by-Step" course model and currently serves as the track coordinator and primary instructor for the SANS/GIAC Linux/Unix Security Certification track (GCUX). In 2001 he was given the SAGE Outstanding Achievement Award for his teaching and leadership in the field of System Administration.</p> <p> Note:</p> <pre><code>(1) The slides for the presentation are available at: <a href="http://www.deer-run.com/~hal/IntroToDigitalForensics.pdf">http://www.deer-run.com/~hal/IntroToDigitalForensics.pdf</a> (2) Randal Schwartz will do a live cast of this presentation at: <a href="http://www.talkshoe.com/tc/25652">http://www.talkshoe.com/tc/25652</a> You can follow along if you have a web browser, and if you register, you can also participate in the chat, and Randal might relay your questions to the speaker. The recording of the session will be available afterward at the same address. </code></pre> </div> <h3>Links</h3> <ul> <li><a class="url u-url" href="http://pdxLinux.org">Website</a></li> </ul> </div>