[SASAG] Next Meeting May 8th, 2008 at 7pm

Ski Kacoroski kacoroski at gmail.com
Sun Apr 27 21:58:44 PDT 2008

Date: 	May 8th, 2008
Time: 	7pm
Place: 	EE1 Building (Electrical Engineering)
Room 403
University of Washington Campus
Directions: 	http://www.ee.washington.edu/contact.html
Subject: 	Introduction to Digital Forensics (aka Groveling
Through File Systems) 
Presenter: 	Hal Pomeranz

While it may not be as sexy as they make it look on TV, there are a
number of powerful Open Source tools available for analyzing file
systems and recovering data– even data that may have been deleted by
the attacker. This talk will start with an overview of the standard
Unix file system architecture and discuss tools for imaging file
systems, suggest useful idioms for detecting signs of a break-in, and
cover how to discover “interesting” data from deleted files and
re-assemble that data into an actual file image.


Hal Pomeranz is the founder and technical lead of Deer Run Associates,
and has been active in the system and network management/security field
for over twenty years. As a senior member of the Faculty for the SANS
Institute, Hal developed the SANS “Step-by-Step” course model and
currently serves as the track coordinator and primary instructor for
the SANS/GIAC Unix Security Certification track (GCUX). In 2001 he was
given the SAGE Outstanding Achievement Award for his teaching and
leadership in the field of System Administration.

More information about the Members mailing list