I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Up early on a holiday weekend, working on ransomware DFIR... just like all of my other colleagues. Sharing your frustration and disappointment. Thank you for your efforts.
Replying to @security_craig
Avengers assemble!
Dude! The world needs you to publish that BTRFS work!
Replying to @da3mo9
Check out @attrc's reading list here
This page contains my list of Recommended Reading books related to #DFIR & #infosec: dfir.org/?q=node/8 If you know of a book written in the last 2-3 years that is missing then please let me know so that I can review it!
Replying to @jarlethorsen
When I get to BTRFS it will be a series of blog posts like my earlier EXT4 and XFS work. But it's going to take a big case with a lot of BTRFS to get me to do that research.
For your weekend reading pleasure, I'm happy to announce a small update to my Linux Forensics class-- now with a new module on EXT4 and some fixes of previous errata. Always free at archive.org/details/HalLinux…
I’ll be talking about SELinux in a few weeks — pay what you can style! wildwesthackinfest.com/antis…
Replying to @nimari
Quite the contrary. And I believe @SANSInstitute is soon to be rolling out a cloud-based Linux security course.
Replying to @v3rtig0
I’ve had some success using xfs-dbg as a forensic tool on XFS. Maybe BTRFS has an equivalent dev tool?
Replying to @v3rtig0
No, not at this time. This is a good thing since there isn’t good forensic tool support right now.
I’d like to see less legal system in this country and more justice system
Replying to @k8em0
Ah yes. In our household we refer to such days as “Laundrypalooza”.
Watching me drink? 😀
Hey @SANSInstitute can you look into this?
@hal_pomeranz Looking for your SANS series, "Understanding EXT4". I can access #6, but SANS removed 1 - 5.
Here I am jabbering on about SELinux again. Another @WWHackinFest "pay what you want" opportunity, Jul 13&14! wildwesthackinfest.com/antis…
Hey folks, your ransomware encrypted endpoints are EVIDENCE and need to be treated as such. PLEASE preserve copies before beginning the process of restoring operations.