Thanks for the Roc Sec Podcast mention ChrisJ!

nice writeup Ryan!

Did anyone get to try l0pht crack 6?

Just reserved my hotel room for Notacon, myself (@punkrokk) and @antitree are both going to wardrive there

Anyone from EH.net gonna be there? 

I found a bunch of slides posted... http://www.shmoocon.org/presentations.html#keynote

I have not read the above book, but I have read and used Network Intrusion Detection, by Northcutt and Novak. It has a lot of great sections on Packet Analysis, some excellent tcpdump examples, as well as a very well rounded analysis of TCP and it's weaknesses. It goes into some stuff in more detail than Hacking Exposed in some cases (although the book is really on a different topic) and has dozens of example packet captures with detail analysis and explanations.  I use it to teach a Network Forensics and Security class.

I'm actually meeting with my lawyer next week, and hope to find out all the business side details on starting my own LLC. I will keep everyone in the loop if I find out anything interesting. I'm in New York, and I'm sure the laws in different states vary a bit.

One expense I'm sure of though is liability insurance, you should look for more info on that.

pop the box! 

from lurking around on the #remote-exploit IRC, the general consensus is it will be ready when it's ready. I'm sure it will be at least May or June... and it wouldn't surprise me if they release it at or right before Defcon 17. They have a lot of work to do to get all the BT4 repositories working correctly, and there is a ton of new hardware for them to support...

Or... you could ask on their forums  (at your own risk)

Hi,

So when I was at shmoocon, I was talking with some people about my thesis: Role Based File Archiving. The main problem I ran into with my research was that I couldn't find a good way to -- when archiving files -- to provide integrity or non-repudiation to the MAC timestamps (Modified, last Accessed, Created).

The above being said, my programmatic work around was to read the time stamps before copy, but then rewrite them after copy. The problem is that I don't want to have to do this, and this opens up a potential "weak link" in an archiving system especially in court if I can prove you can change the MAC stamps when archiving.

My question is: Does anyone know of a programatic way to archive files and folders in NTFS and ext3/4 that will truly archive the file (provide transparent archiving, for legal purposes... or just to know that it hasn't/can't be modified without an audit trail) for non-repudiation purposed and/or integrity purposes?

Thanks!

-=punkrokk=-

For those that don't know, BT4 is now based off ubuntu. BT4 is maturing into a full distro, and you will be able to update it constantly with the newest tools and updates.

where's part deux ??

Hey.... I got to hang with some friends (Brian and Ryan) as well as meet CG, oneeyedcarmen, and many other interesting peeps.... quite a few from the Chicago Hacker scene, and the chicago 2600... I enjoyed the FastTrack preview, and the shmoo release of Backtrack 4 beta. I wish it was longer!!! I also was able to pick up a few good books from NoStarch, as well as meet Paul and Larry from pauldotcom security weekly... all in all a great time!

Anyways, can't wait for Chicagocon in May!!!

-punkrokk

nice video Ryan, I liked the demo of the metasploit db also!

very interesting