Sunday, December 13, 2009

DFRWS results posted

At the time the 2009 challenge was posted I think I only looked at the network traffic side of things and didn't get a lot out of it. Not sure if I'd done the GCFA and SANS 508 course at that time or not, but I know I didn't dig into the memory or disk dumps. Would have been nice knowing a bit more about that stuff now. Anyway, glanced through a few of the writeups, very nice work!

You can find the writeups, challenge info, etc. here

I think NetworkMiner will make much better use of the pcap files than Satori does, but Satori isn't designed for this type of thing anyway!
