Search results

  1. I

    Conferences (2008)?

    thanks for the list Complete
  2. I

    Questions about certification

    I have and I work with ISC2 as a SME. I am a professional hacker (pen tester, red team expert). There are many names. "hacker" isn't a bad term. It is only "marketed" as evil by those that like to throw around hot keywords to sell their point. If you think that the term "hacking" is bad...
  3. I

    Wireless Access Point defense has a great project for WPA rainbow tables. The key could be 25 characters, but if it's a basic phrase it may still be vulnerable. If it has the makings of a "secure" password, you are right... it is near impossible at the moment. It doesn't really matter how long a WEP key...
  4. I

    Does ISP usually log incoming connections to hosts?

    Anything can be hacked given the right time and resources. As for logs. Yes they do, but you might have to get a lawyer to give the request. ISPs do not work well with others. Smaller ISPs do not work well, ... They may not keep logs or may have "issues" with the reliability of the...
  5. I

    Questions about certification

    lots of people knee jerk at my resume and I usually get on the top of the list. I think that is a good thing. ;) Hacking and forensics are the worlds I focus in so if it wasn't on my resume, I would be getting the wrong jobs. IMHO, they should put reverse engineering software on...
  6. I

    Questions about certification

    ddow "Yes. CCE most helpful. CHFI is OK but I wouldn't put it on the resume, it's for knowledge only" why? it's a very hard test on v3. it has also added value to my resume. granted, it's buried amongst many others, but at the minimum it hits HR resume keyword searches. "I'd get a couple...
  7. I

    Questions about certification

    1) Would obtaining a certification now be particularly helpful in my career search? very 2) What are the differences between the certifications? (For example, does CHFI focus more on network intrusion/attack/etc. investigations than the CCE?) cce does not cover network intrusion/attack/etc...
  8. I

    Msc Dissertation Ideas

    how about develop a process for statistical analysis of flesh tones in images. Lots of resources to choose from and the community can use a decent application in this space.
  9. I

    Email inside pcap file

    Elisa You are right about multiple POP connections being held in different streams. But the entire conversation with the login through disconnect will be in the stream. This is everything the mail client sees. This includes the entire email including attachments. I like using it because I...
  10. I

    Email inside pcap file

    depending on the type of email you are trying to get out of the pcap file and what program dumped it. For example if you are able to view it in wireshark, just use the filter 'POP' (this will list all the pop protocol commands including password) 'ip contains ""' (this will...
  11. I

    Wireless Access Point defense

    PreferredUser Firewall software means nothing. An exploit or race condition can disable the local firewall. Account access is important unless there is no password or the target uses the same password for everything... I sniff networks and grab passwords (red teaming). I attempt to use the...
  12. I

    Wireless Access Point defense

    Truth is, WiFi is easy to hack even if it wasn't open. For example, I can crack WEP in less than 10 minutes. Once this is done, I can start an ARP poison attack and hijack all the traffic including encrypted traffic (all your passwords are belong to me). I can boot up Paros Proxy and inject a...
  13. I

    Protect from Denial of Service Attack?

    In truth, the best way to protect yourself is to keep your head low and don't tick off a hacking group... ;) I know several groups that are always looking for something to do. Patches are good, but unless you are Microsoft or Google and can afford the extra resources, there is no real protection.
  14. I

    DoD Clearance

    Get a job with a government contracting company or a government job. They give you the need to know and sponsor the clearance.
  15. I

    Protect from Denial of Service Attack?

    Keep patched. this will protect you from DoS attacks. DDoS attacks are a little different. Depending on if it is malformed packets or just basic resource starvation (full connect()), there are different solutions. Stay patched, block bad traffic, and distribute the server through a...
  16. I

    Commute or Online

    online. Spend the money you save on building a lab and then you can get all the hands-on you want.
  17. I

    Certifications or Masters????

    I agree with DoDForensics. Certs. Most job postings list degrees as optional +experience and certs as a requirement.
  18. I


    If you are going to sit for the CHFI v3, they seem to have added quite a bit of incident response content to the test from v2. Know what some of the basic hacker attacks are: • SQL injection • Cross Site Scripting (XSS) • Variable manipulation attacks • Buffer overflow (nops or no-ops sled)...
  19. I

    Need a Point in the Right Direction

    Message has been removed by poster.
  20. I

    EnCase's Killer

    there are several anti forensics tools & projects out there. Metasploit is a very nice tool. Sam Juicer requires the system to be exploited by Metasploit before it will run. Time Stomp zeros out the dates. There are several malware scripts that will mimic a target file's time stamp along...
  21. I

    IT Security and Computer Forensics

    Hacking certs... Knowing how and why helps you find out where to look. ceh/cnda/ecsa/lpt cept/cass/crea cptq/cpte nsa-iam/iem basic security is good too: security+ cissp/issap/issep/issmp depending on what you want to specialize in: Linux, Mac, Networking, wireless, cell phones, Malware...
  22. I

    Need a Point in the Right Direction

    drrcknlsn Did you follow your own link?
  23. I

    How do you keep up with CPE?

    I volunteer a lot along with sitting on the board of two industry non-profits. I also go through a lot of training and develop courseware. As far as the CISSP, I have over 965.5 CPEs logged since January last year. ;) Most of my CPEs are either forensics or hacking related and count for...
  24. I

    Expensive Software VS Free Software

    Why risk the case on tools that have a history of being thrown out because they are not well known and can't stand up to the Daubert test? I would love for Helix to be accepted. Simple fact is it isn’t yet.
  25. I

    Helix vs DEFT

    lol... Definitely not a forensics tool, but one heck of an open source pen test tool. The new version even has Maltego in it! ;)
  26. I

    Experience Required?

    Re: Experience The easiest way for you to get into the field would probably be to get an IT security job with a small company and build forensics capability for the organization. The experience will grow. Get forensics training (CCE/ACE/EnCE...) during that time and increase your skills...
  27. I

    Security clearance

    It is a red flag that you are living beyond your means. Technically, this is a security risk.
  28. I

    Security clearance

    10 years or 16... Which is the shortest is what is taken.
  29. I

    Security clearance

    Yes. It can be. I believe an FBI SA requires a TS with CI Poly.
  30. I

    Sr Security Consultant looking to transition into Forensics

    Depends on what part of "computer security" you are in. I love forensics, I love “ethical” hacking, and I’m starting to fall in love with reverse engineering. They all complement each other, so I constantly work each side. There is always something to learn. They never get boring IMHO. On...
  31. I


    I like the training myself. Like all training, I think it could be better, but it is actually more well rounded than most. I currently have the CHFI, CEH, CNDA, ECSA, LPT, and CEI. CHFI needs a practical to make it more valuable IMHO.
  32. I

    The Perfect Computer Forensics Job

    Getting paid very well to do relatively nothing (but play). ;) I guess I do that now, but can use a little more money and a little more play...
  33. I

    Accounting in Forensics

    Accounting can be very valuable if you want to make a niche for yourself. That opens the door for fraud investigations. The more you know, the better... Especially in this field. Why not go the extra few hours? If you're going that far, just get it over with... IMHO, just get it over with...
  34. I

    Security clearance required ?

    Agreed. Without the ability to get a clearance, you can't get gov/mil work. In the Commercial world, HB1 Visas are looked down upon because of a flood in the market a few years ago. There are several global companies that you may have a good shot with. ["Unfortunately, unless you are a...
  35. I

    Which One Is Better?

    "It never hurts to show a federal agency that you've been active with a police dept in one way or another." make sure it is positive ... when the fingerprint card is pink instead of white, there may be a different set of questions they ask you. ;)
  36. I

    Specialties in Computer Forensics

    yes. change is in the air. potentially a lot of change...
  37. I

    Specialties in Computer Forensics

    Ya... You're right. lol On that note, my situation has changed and may be changing further very soon. ;) Far less stress and more access...
  38. I

    New Laws that will hurt Computer Forensics

    Many of us here have been doing that for years. Georgia is one of the biggest failures of human intelligence in this respect because the law makers are actually listening to the PI associations. ... The PIs see a big revenue stream and they want in on it. They think this is an easy field and...
  39. I

    Specialties in Computer Forensics

    I wouldn't exactly call it "work". lol
  40. I

    Merry Christmas and a Happy New Year!

    Merry Christmas and a Happy New Year!
  41. I

    How to prove that I did send an email?

    Depending on the "client" and the industry regs that they may need to comply with (SOX, HIPAA, GLBA, ...), the evidence may be on the client side
  42. I

    I am curious if people happen to know the salary range...

    Semantics can be a killer sometimes. Sorry for coming across abrasive.
  43. I

    I am curious if people happen to know the salary range...

    I do not have a poor opinion of sys admins, actually read my posts. You have made that label on yourself. --- You too. Have a great holiday. Snow's coming, so you might have a white Christmas.
  44. I

    I am curious if people happen to know the salary range...

    It would be easier if management didn't force the rush mentality in the IT sector. Since that will never get fixed, train report writing and public speaking. Mock trials would be very nice. This forces the student to prepare and make sure everything is in order. Most forensic training only...
  45. I

    I am curious if people happen to know the salary range...

    First off, I know system admins that are amazing. They are rare to find and should be held onto tightly. You're obviously not an analyst. You have bad assumptions about what I value. I work in the government space and meet lazy people waiting for retirement or the check to clear. Many have...
  46. I

    Degree or Certification

    I've found higher pay with certifications. Degree optional.
  47. I

    Masking filesizes

    ADS is great for hiding data. ;) There are tools out there that will increase the file size to match another file. Also tools out there to match the 4 NTFS date stamps. This combination is used to trick systems that don't MD5 compare the files.
  48. I

    Evidence of Chat -The State of the Hard Drive

    Javascript does hit the drive, it's client side scripting. It may only be one-way traffic, but the pages viewed should have touched the drive. If the data was on the drive and not overwritten, yes... it is recoverable. As long as it's not encrypted, it should be viewable.

About us

  • Our community began in 2004. Since this time, we have grown to have over 29,000+ members within the DFIR & Cyber Security community.

    We are happy to announce that this forum is now under new ownership with the goal to once again become the main Digital Forensics Forum on the internet for DFIR, OSINT and Cyber Security.

    If you can think of ways to help us improve, please let us know.

    We pride ourselves on offering unbiased, critical discussion among people of all different backgrounds.

    We are working every day to make sure our community is one of the best.
