I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange
Orlando, FL
Joined November 2008
- Tweets 19,311
- Following 237
- Followers 13,672
- Likes 12
The biggest problem is not the pipes, but the size of the PCAP. tshark starts to use too much memory when the PCAP is several GB in size. Use tcpdump to make a smaller PCAP.
1
1
1
Congratulations to Team Deadpool Security LLC - Winners of the #FOR572 challenge at #SANSTokyo!
1
4
18
Good morning from #DFIRSummit! Yesterday I published Part 5 of my series on XFS internals - righteousit.wordpress.com/20…
29
48
More XFS content coming tomorrow morning! Catch up on what you missed here - righteousit.wordpress.com/ta…
1
2
1
5
Night owls and early birds, tune in for my trans-Pacific webcast "PCAP Command-Line Madness" at the end of the month sans.org/webcasts/108310
1
4
7
Part 4 of my series on the XFS file system is now up. This time we're looking at block directories righteousit.wordpress.com/20…
21
28
Wow the @Lyft drivers in NoVa this week have been pretty terrible. My ride to the airport had never dropped anybody at DCA before and didn’t know where to go.
"Konami Code"? It's a BSD-style tilde escape. Remember SSH inherited all this stuff from rlogin.
1
3
Part 3 of my series on XFS is up, beginning our exploration of directories in XFS righteousit.wordpress.com/20…
6
6
xfs_db is really useful for checking your work— I’ve got a patch to allow you to use blockget against a mounted file system or dirty image
Not that I’m aware of at this point. What’s weird is that small directories can be resident, but resident file data is not (currently) supported.
You want more XFS? I’ll give you more XFS! Part 2 is now visible - righteousit.wordpress.com/20…
9
23
I’ve been spending some time with XFS lately - righteousit.wordpress.com/20…
17
1
32
Correcting his own their/there mistake in a follow-up post has convinced me that Justin is somebody I would like to hang out with.
2