This is a little off topic, but I really do appreciate a genuine notion of ethics in this group.  And it is done with out all the internet board anger\garbage talk\ or what ever you would like to call it.  I dont find that much in my profession....so Cheers to all!

to the person that posted - dont be offended if you are a newbie or a seasoned IT person.  This is good litmus testing just as our profession needs.

There are so many levels of problems here.  If this is the case, it is still not legal to break someones personal email account.  You cant take thier password and rummage through thier account. 

but you can examine the computer.  This is done every day.  Just get a forensic examiner to check it out.  With encase you can peice together a bunch of interesting things like webmail pages.  Plus, if it turns into litigation, you stealing a password isnot going to help matters.

Hey guys,
Are there any tools that any of you recommend to pull flat file EDBs form BKFs?  I am looking at a couple recovery tools, but I am just wondering if any one out there has some good tricks.  Since there is no way to mount these in Encase, it is a pain in the but to extract message stores.  Also, if you use any of the restore software, it wont allow you to restore to anything but and exchange server.

I agree with VJ.  I would just start with the basic certs and move on to the more technical or difficult ones.  Sec+, Ethical Hacker, MCSE or Cisco then maybe move onto something like a CISSP (not technical or difficult but may help in career progression).  The reason I say an MS or Cisco (or a developer track if that is what you are into) is becuase I find that in the security world it is nice to really understand the technology outside of a security context.  That is why I suggest to many people that want to be in security "go be a developer or network engineer first...it will serve you well."   Kinda like being a cop before you are a detective.  It gives you a good perspective. 

I think the most important thing is to find a good company that will give you a well rounded experience.  Personally, when I hire, I dont concentrate on certs.  They help a little when there is a good balance of certs and expereince.

Cheers! 

It really depends on what and why you want to get certified.  I think a PMP is very valuable.  But I dont think it would help you much if you are posting in this forum.

and oh yeah the fact that someone openly placed malicious data on a machine makes proving guilt in court very difficult.  You guys are dead on.  Forensics need to follow a strict set of rules.  What kind of rules did that guy follow?  probably none.  That comes up in almost every case I am part of. "how do we know someone else didnt put this here/edit this/post this...yadda yaddaa" 

Ok I will get off my soap box  

There are so many issues here.  I agree with Cadilac.  There is no difference between the virtual world and physical world.  I think many of you are right on target.  

The only thing I could add is that child porn is a low hanging fruit.  Everyone can agree that it is awful.  If they make it OK to be a hactivist to do this, they can also push the envelope closer to internet regulation and monitoring.  Breaking the law is breaking the law.  

I really quesiton what that guy is doing on CP sites posting CP.  What would happen if I went out and dealt crack or meth - but I I put a tracker in the bags.  I would still be a meth dealer and I would go to jail.  I imagine he is not posting inoceently...he has to be enticing people.  I have to go re-enact the crying game and go cry in my shower....ugh.

This is interesting.  This made me think of how pendulums swing from one side to the other.  Right now people find security in doing bad stuff from their home office…toilet…or what ever special place they have.  Imagine when true street criminals find it easy to extort local companies.  Meaning, they become more localized and crime based.  One scenario would be exactly like old school mobsters…just a little nerdy.  The local coffee shop has a free wireless network that brings in people from all around.  Gangster X decides to take it over and turn it off or start hijacking info.  They tell the owner that this can stop if they pay up a small fee.  They can call the cops…but really what is that going to do if they are threatening violence.  This is a stretch, but the scenerios could get interesting.     

Hi everyone,
this should be an easy question, but I cant seem to find a good list.  so I figured I would ask my new favorite site!

What industry regulations require Pen Testing?  I know the sections in PCI, and I know HIPAA kinda almost suggests it.  What other regs state that you must?

this is so great.  Not just because I am a recovering comic nerd, but I think it is good to have some form of pop culture promoting security and not the actual hacking part.  I actually thought about this in great detail before...Every group has a good and bad counter part.  There is nothing out there to counter the Hacker image.  A kid may grow up wanting to be a hacker...but why would he grow up thinking "I want to be a security analyst!".  At one time kids thought Al Capone was so cool.  Then Elliot Ness, the FBI  and other things filled the white hat void.

Very cool!

I hear this question alot.  Sometimes I speak at universities and this is a very popular question.  One one side, this is a great issue becuase is shows how immature the industry is.  What we do today can change an entire career field!  But then again, if you are new to the security world, it is tought to get that first break. 

One thing I noticed is there are not many companies that have a dedicated security person...although they want one.  From what I have seen, if you get into a company as a network engineer or analyst of some sort (just about anything in IT, and show a strong interest in security, you can usually wear that hat...or parts of that hat.  And I think this is a great way to introduce yourself simply due to the fact that you probably should work at the development and engineering side before security...just my opinion.

Cheers!

I think this is a good question.  And it really shows the immaturity of this feild.  It is great to be part of something so young in development.  As Psud0 stated, it may be important on the stand.  But then again I know several lawyers and kinda understand how they think...they will look for a weak spot regardless.   Meaning, If you are certified in Encase, they will bust your balls about other technologies or investigative procedures.  It also depends on what you are investigating.  If you are investigating network and internet issues you may get grilled on you knowledge (and proff of) of the netowrking and how you got your conclusions.  Most people here know the law and lawyers dont always play by reality:)

All in all the best idea is to get a 1 or 2 technical certs and 1 or 2 forensic ones.  Being well rounded has never hurt anyone.  As for the "best"...I think it all depends on situation.  hwos that for a long non-answer!

Ive never personally come across it.  I imagine that has alot to do with the types of issues ive worked with.  That takes a certain amount of skill and understanding.  Personally, I think it is something that may get bigger in the future if someone comes up with a poular tool to make it understandable and easy for the dodgey folks.

Cheers!
Shane