http://www.odeo.com/channels/3383-LiveAmmo-Company-Blog BestOfTx no LiveAmmo Corporation Company Blog LiveAmmo Corporation Company Blog LiveAmmo Corporation Company Blog en 40 Wed, 20 Jun 2007 20:59:26 -0700 Wed, 20 Jun 2007 20:59:26 -0700 http://www.odeo.com/episodes/22039397-Digital-Forensics-and-Hacking-Investigations-Part-4 In Part 4 of this series, we discuss network forensics and misuse investigations; different types of devices that may hold suspect data or evidence; introduction to the 7-layer OSI model; network forensics and the role of sniffers and protocol analysis software; the function of network interface cards and layer-2 content inspection; overview of how a NIC works; overview of how a sniffer works; introduction to promiscuous mode; the 4 ways to capture traffic for network forensics; introduction to spanning and mirroring switch ports; introduction to buffered and unbuffered network taps; layer-2 transparent bridging concepts; 8-track hubs and building a receive-only ethernet cable; reasons why ARP cache poisoning shouldn’t be used for network forensics; defeating name resolution-based promiscuous mode detection; defeating specially crafted ARP and malformed multicast-based promiscuous mode detection; default snaplengths and configuring a sniffer for full packet capture; introducti... In Part 4 of this series, we discuss network forensics and misuse investigations; different types of devices that may hold suspect data or evidence; introduction to the 7-layer OSI model; network forensics and the role of sniffers and protocol analysis software; the function of network interface cards and layer-2 content inspection; overview of how a NIC works; overview of how a sniffer works; introduction to promiscuous mode; the 4 ways to capture traffic for network forensics; introduction to spanning and mirroring switch ports; introduction to buffered and unbuffered network taps; layer-2 transparent bridging concepts; 8-track hubs and building a receive-only ethernet cable; reasons why ARP cache poisoning shouldn’t be used for network forensics; defeating name resolution-based promiscuous mode detection; defeating specially crafted ARP and malformed multicast-based promiscuous mode detection; default snaplengths and configuring a sniffer for full packet capture; introduction to tcpdump and windump; issues with Win32-derived packet capture libraries; introduction to the Network Toolkit from CACE Technologies; and more. This LiveAmmo Podcast is in .mp3 format, 00:36:15 in duration, and a 17.4 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcast and news feeds. In Part 4 of this series, we discuss network forensics and misuse investigations; different types of devices that may hold suspect data or evidence; introduction to the 7-layer OSI model; network forensics and the role of sniffers and protocol analysis software; the function of network interface cards and layer-2 content inspection; overview of how a NIC works; overview of how a sniffer works; introduction to promiscuous mode; the 4 ways to capture traffic for network forensics; introduction to spanning and mirroring switch ports; introduction to buffered and unbuffered network taps; layer-2 transparent bridging concepts; 8-track hubs and building a receive-only ethernet cable; reasons why ARP cache poisoning shouldn’t be used for network forensics; defeating name resolution-based promiscuous mode detection; defeating specially crafted ARP and malformed multicast-based promiscuous mode detection; default snaplengths and configuring a sniffer for full packet capture; introduction to tcpdump and windump; issues with Win32-derived packet capture libraries; introduction to the Network Toolkit from CACE Technologies; and more. This LiveAmmo Podcast is in .mp3 format, 00:36:15 in duration, and a 17.4 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcast and news feeds. tag:odeo.com,2007-06-20,22039397 Wed, 20 Jun 2007 20:59:26 -0700 no LiveAmmo Company Blog podcasts http://www.odeo.com/episodes/22039399-Digital-Forensics-and-Hacking-Investigations-Part-3 In Part 3 of this series, we discuss the initial crime scene investigative process; chain of custody and collecting evidence; civil vs. criminal investigations; limiting exposure to evidence; incident response and NIST Special Publication 800-61; BIOS analysis and understanding clock skew; the art of onsite diplomacy; probable cause and search warrants; the consent required to monitor network traffic; network forensics and the requirement for system banners, acceptable use policies, and third-party consent; consent and keystroke loggers; how law enforcement uses search warrants; the plain view doctrine; international issues with investigating computer crime; what are “artifacts”; acceptable use policies and outside contractors; initial computer forensic investigation methodology; introduction to flowcharting tools; determining required resources for a computer misuse investigation; initial risk assessment for computer crime; conveying electronic discovery concepts in lay... In Part 3 of this series, we discuss the initial crime scene investigative process; chain of custody and collecting evidence; civil vs. criminal investigations; limiting exposure to evidence; incident response and NIST Special Publication 800-61; BIOS analysis and understanding clock skew; the art of onsite diplomacy; probable cause and search warrants; the consent required to monitor network traffic; network forensics and the requirement for system banners, acceptable use policies, and third-party consent; consent and keystroke loggers; how law enforcement uses search warrants; the plain view doctrine; international issues with investigating computer crime; what are “artifacts”; acceptable use policies and outside contractors; initial computer forensic investigation methodology; introduction to flowcharting tools; determining required resources for a computer misuse investigation; initial risk assessment for computer crime; conveying electronic discovery concepts in layman’s terms; post action reviews for e-discovery exercises; initial operating system identification for onsite forensic analysis; and more. This LiveAmmo Podcast is in .mp3 format, 00:46:08 in duration, and a 22.14 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcasts and news feeds. In Part 3 of this series, we discuss the initial crime scene investigative process; chain of custody and collecting evidence; civil vs. criminal investigations; limiting exposure to evidence; incident response and NIST Special Publication 800-61; BIOS analysis and understanding clock skew; the art of onsite diplomacy; probable cause and search warrants; the consent required to monitor network traffic; network forensics and the requirement for system banners, acceptable use policies, and third-party consent; consent and keystroke loggers; how law enforcement uses search warrants; the plain view doctrine; international issues with investigating computer crime; what are “artifacts”; acceptable use policies and outside contractors; initial computer forensic investigation methodology; introduction to flowcharting tools; determining required resources for a computer misuse investigation; initial risk assessment for computer crime; conveying electronic discovery concepts in layman’s terms; post action reviews for e-discovery exercises; initial operating system identification for onsite forensic analysis; and more. This LiveAmmo Podcast is in .mp3 format, 00:46:08 in duration, and a 22.14 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcasts and news feeds. tag:odeo.com,2007-06-20,22039399 Wed, 20 Jun 2007 20:56:34 -0700 no LiveAmmo Company Blog podcasts http://www.odeo.com/episodes/22039417-Digital-Forensics-and-Hacking-Investigations-Part-2 In Part 2 of this series, we discuss definitions for intellectual property; concepts for authentication of suspect data; introduction to hashing algorithms; electronic discovery protocols; definitions and standards for digital evidence acquisition, capture, and authentication; cyberstalking and online social networks; data protection and privacy regulations; federal powers and the Interstate Commerce Clause; introduction to federal rules governing computer crime and intellectual property theft; FOIA and Sunshine Laws; the process of building a computer crime case; identification of suspect evidence, including form factors and formats used for storage containers; building a forensics toolkit; write blocking devices and the ideal disk imaging system; introduction to Host Protected Area (HPA) analysis; introduction to BIOS and firmware-based rootkits and trojan technology; and more. Errata: In this episode we made a mistake by saying that the HPA is at the beginning of the drive; the D... In Part 2 of this series, we discuss definitions for intellectual property; concepts for authentication of suspect data; introduction to hashing algorithms; electronic discovery protocols; definitions and standards for digital evidence acquisition, capture, and authentication; cyberstalking and online social networks; data protection and privacy regulations; federal powers and the Interstate Commerce Clause; introduction to federal rules governing computer crime and intellectual property theft; FOIA and Sunshine Laws; the process of building a computer crime case; identification of suspect evidence, including form factors and formats used for storage containers; building a forensics toolkit; write blocking devices and the ideal disk imaging system; introduction to Host Protected Area (HPA) analysis; introduction to BIOS and firmware-based rootkits and trojan technology; and more. Errata: In this episode we made a mistake by saying that the HPA is at the beginning of the drive; the DCO and HPA both exist at the end of the drive. Thanks to Rush for pointing this out. This LiveAmmo Podcast is in .mp3 format, 00:46:49 in duration, and a 22.47 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcasts and news feeds. In Part 2 of this series, we discuss definitions for intellectual property; concepts for authentication of suspect data; introduction to hashing algorithms; electronic discovery protocols; definitions and standards for digital evidence acquisition, capture, and authentication; cyberstalking and online social networks; data protection and privacy regulations; federal powers and the Interstate Commerce Clause; introduction to federal rules governing computer crime and intellectual property theft; FOIA and Sunshine Laws; the process of building a computer crime case; identification of suspect evidence, including form factors and formats used for storage containers; building a forensics toolkit; write blocking devices and the ideal disk imaging system; introduction to Host Protected Area (HPA) analysis; introduction to BIOS and firmware-based rootkits and trojan technology; and more. Errata: In this episode we made a mistake by saying that the HPA is at the beginning of the drive; the DCO and HPA both exist at the end of the drive. Thanks to Rush for pointing this out. This LiveAmmo Podcast is in .mp3 format, 00:46:49 in duration, and a 22.47 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcasts and news feeds. tag:odeo.com,2007-06-20,22039417 Wed, 20 Jun 2007 20:55:10 -0700 no LiveAmmo Company Blog podcasts http://www.odeo.com/episodes/22039422-Digital-Forensics-and-Hacking-Investigations-Part-1 In Part 1 of this series, we discuss the historic origins and roots of forensic science; introduction to the nomenclature and terms of reference used for forensic analysis; data capture and acquisition; tool validation; digital evidence authentication; technical witness vs. expert witness; write blocking technology; and more. This LiveAmmo Podcast is in .mp3 format, 00:44:20 in duration, and a 21.28 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcasts and news feeds. In Part 1 of this series, we discuss the historic origins and roots of forensic science; introduction to the nomenclature and terms of reference used for forensic analysis; data capture and acquisition; tool validation; digital evidence authentication; technical witness vs. expert witness; write blocking technology; and more. This LiveAmmo Podcast is in .mp3 format, 00:44:20 in duration, and a 21.28 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcasts and news feeds. In Part 1 of this series, we discuss the historic origins and roots of forensic science; introduction to the nomenclature and terms of reference used for forensic analysis; data capture and acquisition; tool validation; digital evidence authentication; technical witness vs. expert witness; write blocking technology; and more. This LiveAmmo Podcast is in .mp3 format, 00:44:20 in duration, and a 21.28 MB download. Visit the LiveAmmo Computer Forensics Podcast Archives for more information about how to subscribe to our podcasts and news feeds. tag:odeo.com,2007-06-20,22039422 Wed, 20 Jun 2007 20:24:37 -0700 no LiveAmmo Company Blog podcasts http://www.odeo.com/episodes/1077237-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-5 tag:odeo.com,2006-04-04,1077237 Tue, 04 Apr 2006 15:14:00 -0700 no LiveAmmo Company Blog http://www.odeo.com/episodes/830387-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-4 tag:odeo.com,2006-03-05,830387 Sun, 05 Mar 2006 19:52:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/830291-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-3 tag:odeo.com,2006-02-27,830291 Mon, 27 Feb 2006 18:37:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/794993-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-3 tag:odeo.com,2006-02-27,794993 Mon, 27 Feb 2006 10:37:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/761734-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-2 tag:odeo.com,2006-02-20,761734 Mon, 20 Feb 2006 19:34:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/777982-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-2 tag:odeo.com,2006-02-20,777982 Mon, 20 Feb 2006 11:34:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/830190-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-1 tag:odeo.com,2006-02-14,830190 Tue, 14 Feb 2006 13:57:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/728412-Podcast-Digital-Forensics-and-Hacking-Investigations-Part-1 tag:odeo.com,2006-02-14,728412 Tue, 14 Feb 2006 05:57:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/631887-Podcast-NYPR-Interview-with-Marty-Kaiser tag:odeo.com,2005-12-23,631887 Fri, 23 Dec 2005 19:15:00 -0800 no LiveAmmo Company Blog http://www.odeo.com/episodes/357347-Podcast-LiveAmmo-Security-Review-for-Oct-23-2005 tag:odeo.com,2005-10-23,357347 Sun, 23 Oct 2005 18:59:00 -0700 no LiveAmmo Company Blog http://www.odeo.com/episodes/63208-Podcast-Network-Reconnaissance-and-Information-Gathering tag:odeo.com,2005-07-16,63208 Sat, 16 Jul 2005 08:57:00 -0700 no LiveAmmo Company Blog http://www.odeo.com/episodes/51948-Podcast-Introduction-to-Ethical-Hacking tag:odeo.com,2005-07-16,51948 Sat, 16 Jul 2005 08:45:00 -0700 no LiveAmmo Company Blog