Thank you to everybody for all of the good times and support that I have received here. I am locking down this account and will no longer be providing content here. Find me as @hal_pomeranz@infosec.exchange. Come join us!
We are sometimes hyper-critical of technology, but we really do live in an age of miracles. I am currently watching a live stream of our daughter's college diving meet, while texting and sharing videos with my wife who is physically attending… infosec.exchange/@hal_pomera…
Linux audit.log files contain lines like:
type=PROCTITLE msg=audit(1584141754.020:42): proctitle=2F7362696E2F6D6F6470726F6265002D71002D2D0069707461626C655F66696C746572
The "proctitle=" value is a hex-encoded command line with… infosec.exchange/@hal_pomera…
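An added example (my own, not code from the original post) that decodes the proctitle= field of PROCTITLE records entirely in POSIX shell. auditd hex-encodes the value because the kernel's copy of the command line is NUL-separated (one NUL between each argv element), and untrusted strings that need no encoding are instead written double-quoted (e.g. proctitle="bash"); the second sample record below is constructed to show that quoted form.

```shell
#!/bin/sh
# Added example, not from the original post: decode the proctitle= field of
# Linux audit.log PROCTITLE records from the command line, without ausearch.
# The hex value is the raw NUL-separated argv, so each 00 byte is rendered
# as a space to recover the familiar command line.

# decode_hex_nul HEXSTRING -> bytes, with every NUL (00) rendered as a space
decode_hex_nul() {
    hex=$1
    while [ ${#hex} -ge 2 ]; do
        pair=${hex%"${hex#??}"}            # first two hex digits
        hex=${hex#??}
        if [ "$pair" = "00" ]; then
            printf ' '                     # argv separator
        else
            # printf understands \ooo octal escapes, so emit the byte that way
            printf "\\$(printf '%03o' "$((0x$pair))")"
        fi
    done
}

# proctitle_of AUDITLINE -> decoded command line, or nothing if no proctitle=
proctitle_of() {
    line=$1
    case $line in
        *proctitle=*) ;;
        *) return 0 ;;
    esac
    val=${line#*proctitle=}
    val=${val%% *}                         # value runs to the next space/EOL
    case $val in
        '"'*'"') val=${val#\"}; printf '%s' "${val%\"}" ;;   # already plain text
        *)       decode_hex_nul "$val" ;;                    # hex-encoded argv
    esac
}

# Constructed sample records: the first is the line from the post, the second
# is a made-up single-argument command showing the quoted (non-hex) form.
SAMPLE='type=PROCTITLE msg=audit(1584141754.020:42): proctitle=2F7362696E2F6D6F6470726F6265002D71002D2D0069707461626C655F66696C746572
type=PROCTITLE msg=audit(1584141760.110:43): proctitle="bash"'

printf '%s\n' "$SAMPLE" | while IFS= read -r rec; do
    printf '%s\n' "$(proctitle_of "$rec")"
done
```

Feed it real records with something like `grep 'type=PROCTITLE' /var/log/audit/audit.log | while IFS= read -r rec; do proctitle_of "$rec"; echo; done`. The sample record from the post decodes to /sbin/modprobe -q -- iptable_filter.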
Wow, yesterday's Linux DFIR command line trivia scared everybody off!
Let's start with this string:
6240111554 # I love bash!
Because, after all, who doesn't?
xfs_db -r -c "convert daddr $((6240111554 / 512)) fsblock" /path/to/image
Let's start… infosec.exchange/@hal_pomera…
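An added example (mine, not from the original post) showing the arithmetic that the xfs_db convert command performs. The byte offset is divided by 512 because xfs_db's `convert daddr` takes 512-byte disk addresses; xfs_db then maps that daddr to an fsblock number, which XFS encodes as (allocation group number << sb_agblklog) | block-within-AG. The superblock values used here (4 KiB blocks, agblocks=1000000, agblklog=20) are assumptions for illustration; on a real image read them with `xfs_db -r -c "sb 0" -c "p blocksize agblocks agblklog" /path/to/image`.

```shell
#!/bin/sh
# Added example, not from the original post: reproduce by hand what
#   xfs_db -r -c "convert daddr $((offset / 512)) fsblock" /path/to/image
# computes, so the fsblock number it prints makes sense.

# to_daddr BYTEOFFSET -> daddr in 512-byte basic blocks (what xfs_db expects)
to_daddr() {
    printf '%s\n' $(( $1 / 512 ))
}

# daddr_to_fsblock DADDR BLOCKSIZE AGBLOCKS AGBLKLOG -> XFS fsblock number
# The last three arguments are the superblock fields sb_blocksize,
# sb_agblocks and sb_agblklog (print them with "sb 0" + "p ..." in xfs_db).
daddr_to_fsblock() {
    daddr=$1; blocksize=$2; agblocks=$3; agblklog=$4
    secs_per_block=$(( blocksize / 512 ))
    linear=$(( daddr / secs_per_block ))       # linear block number on disk
    agno=$(( linear / agblocks ))              # which allocation group
    agbno=$(( linear % agblocks ))             # block within that AG
    printf '%s\n' $(( (agno << agblklog) | agbno ))
}

# offset_in_block BYTEOFFSET BLOCKSIZE -> where the hit sits inside its block,
# useful once you have xfs_db positioned on the block and dump its contents.
offset_in_block() {
    printf '%s\n' $(( $1 % $2 ))
}

# Constructed run: the offset from the post with ASSUMED superblock values
# (a real image's agblocks/agblklog will differ, and so will the fsblock).
OFFSET=6240111554
DADDR=$(to_daddr "$OFFSET")
printf 'daddr:           %s\n' "$DADDR"
printf 'fsblock:         %s\n' "$(daddr_to_fsblock "$DADDR" 4096 1000000 20)"
printf 'offset in block: %s\n' "$(offset_in_block "$OFFSET" 4096)"
```

Note that when sb_agblocks is a power of two the fsblock number equals the linear block number, which is why the encoding is easy to overlook; with the non-power-of-two agblocks assumed above the two differ, and that is exactly the case where doing the division yourself goes wrong and xfs_db's convert gets it right.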
You know the old joke about adding "... in bed" to the end of all your fortune cookie advice? Got a couple of winners at lunch today.
[Keep this in mind, kids!]
"Eat your vegetables and you'll grow up big and strong like Popeye...in bed"
[Worst… infosec.exchange/@hal_pomera…
You find a string of interest at a specific byte offset in your XFS file system image. How can you convert this byte offset into an XFS block address using only the command line?
#Linux #DFIR #CommandLine #Trivia
Lots of folks chimed in with the correct answer to yesterday's Linux DFIR command line trivia, but 🐘xuf@geraffel.social was quickest off the mark.
find /path/to/dir -type f -size +500M
This answer demonstrates a couple of "find" conventions. "+" and… infosec.exchange/@hal_pomera…
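An added example (my own, not part of the original post) that exercises find's -size comparison conventions on constructed files: "+N" means more than N units, "-N" fewer than N units, and a bare "N" exactly N units. It also shows the rounding rule that bites people: find rounds a file's size up to a whole number of the chosen unit before comparing, so a one-byte file counts as 1k and as 1M, and `-size -1M` matches only empty files. Small k-sized files are used instead of the post's 500M so the fixture is cheap to build; the k/M/c suffixes are as in GNU find.

```shell
#!/bin/sh
# Added example, not from the original post: find's -size semantics on a
# constructed set of files of known sizes.

# make_fixture DIR -> create sample files of known sizes (constructed data)
make_fixture() {
    dir=$1
    mkdir -p "$dir"
    dd if=/dev/zero of="$dir/empty"  bs=1024 count=0   2>/dev/null   # 0 bytes
    dd if=/dev/zero of="$dir/tiny"   bs=1    count=1   2>/dev/null   # 1 byte
    dd if=/dev/zero of="$dir/small"  bs=1024 count=100 2>/dev/null   # 100 KiB
    dd if=/dev/zero of="$dir/medium" bs=1024 count=500 2>/dev/null   # 500 KiB
    dd if=/dev/zero of="$dir/big"    bs=1024 count=700 2>/dev/null   # 700 KiB
}

# names_matching DIR SIZEEXPR -> sorted, space-separated basenames that match
names_matching() {
    find "$1" -type f -size "$2" | sed 's#.*/##' | sort | tr '\n' ' ' | sed 's/ $//'
}

TMP=${TMPDIR:-/tmp}/find-size-demo.$$
make_fixture "$TMP"
echo "-size +500k  : $(names_matching "$TMP" +500k)"    # strictly more than 500 KiB
echo "-size -500k  : $(names_matching "$TMP" -500k)"    # fewer than 500 KiB units
echo "-size 500k   : $(names_matching "$TMP" 500k)"     # exactly 500 KiB after rounding
echo "-size -1M    : $(names_matching "$TMP" -1M)"      # rounding: only the empty file
echo "-size -1024c : $(names_matching "$TMP" -1024c)"   # 'c' is bytes, no rounding surprise
rm -rf "$TMP"
```

When a threshold must be exact, express it in bytes with the c suffix (e.g. `-size +524288000c` for "more than 500 MiB"), which sidesteps the unit rounding entirely.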
I'm not generally a "Follow Friday" kind of person, but as people migrate into the Fediverse I would urge them to not simply escape into the same echo chambers they have fled. Part of the joy of exploring this new universe is finding new voices to… infosec.exchange/@hal_pomera…
Yesterday's Linux DFIR command line trivia asked for a Linux pipeline to output the 10 longest lines in a file.
You're going to need a loop to do this. You could go with an explicit loop, like 🐘secshoggoth@infosec.exchange did:
cat filename |… infosec.exchange/@hal_pomera…
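An added example (mine, not the pipeline from the original post or from the reply it quotes) giving two complete solutions to the "10 longest lines" problem: an explicit shell loop and an awk one-liner. Both rest on the same trick of prefixing every line with its length, sorting numerically in reverse, keeping the top N, and then stripping the prefix. The line count N and the file are parameters; the sample file is constructed.

```shell
#!/bin/sh
# Added example, not from the original post: print the N longest lines of a
# file, first with an explicit read loop and then with awk.

# longest_lines_loop FILE N -> explicit shell loop, one read per line
longest_lines_loop() {
    while IFS= read -r line; do
        printf '%d %s\n' "${#line}" "$line"     # "<length> <line>"
    done < "$1" | sort -rn | head -n "$2" | cut -d' ' -f2-
}

# longest_lines_awk FILE N -> awk measures each line; much faster on big files
longest_lines_awk() {
    awk '{ print length($0), $0 }' "$1" | sort -rn | head -n "$2" | cut -d' ' -f2-
}

# Constructed sample input with lines of distinct lengths.
F=${TMPDIR:-/tmp}/longest-demo.$$
printf 'aa\nbbbbbb\nc\ndddd\neeeeeeee\n' > "$F"
echo "loop:"; longest_lines_loop "$F" 3
echo "awk:";  longest_lines_awk  "$F" 3
rm -f "$F"
```

Two caveats for forensic use: `${#line}` and gawk's length() count characters under a UTF-8 locale while mawk counts bytes, so run with `LC_ALL=C` if you want byte lengths consistently; and `sort -rn` leaves the relative order of equal-length lines unspecified, so add `-s` (GNU sort) when a stable order matters.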