From Security Weekly Wiki
Jump to navigationJump to search

Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 266 for Thursday November 3d, 2011.

Guest Interview: Simple Nomad

6:00 PM EDT

Simple Nomad (aka Mark Loveless) is an old school hacker with a varied background that includes a focus in network-based intrusions and defenses. He does not have a security product, book, or service to sell, but at Mitre Corporation, he focuses almost exclusively on what has become known as "the APT", or Advanced Persistent Threat. His background and keen interest in network intrusions and defense, along with such topics as cryptography, reverse engineering, and covert channels have made his day job seem more like a fun hobby than work. When not behind a computer keyboard, he is behind a stack of musical keyboards, playing for the avant-garde metal band Dei Aemeth, and with his own industrial metal band, Cryptonomicon.


Music links:

Cryptonomicon Facebook page

Guest Tech Segment: Chris Pogue


Chris is a Senior Security Consultant for the Trustwave SpiderLabs, a Former US Army Signal Corps Warrant Officer and Member of the United States Secret Service Miami Electronic Crimes Task Force, and is Author of “Unix and Linux Forensic Analysis” by Syngress. Chris is on to give us an overview of his forensic methodology known as Sniper Forensics, whose users include both the FBI and the United States Secret Service.

Pogue Head.jpg

Author of the blog, “The Digital Standard"

  1. Why do you consider digital forensics tougher than other forensics fields?
  2. What's "Shotgun Forensics" and "Sniper Forensics"?
  3. What are the Guiding Principles for Sniper Forensics?
  4. Bring us thru Timeline Analysis - what it is and why its important.
  5. How have attackers changed with respect to memory dumping and other operations?
  6. Tell us what 3 things all malware must do.
  7. What are some good tips for malware that's packed or obfuscated?
  8. Nick indicated there were some interesting cases you were working on. Please share!