Another thing I like to do when I have a quiet shift is to mention the security book I'm reading and see if any of you have other suggestions. Just this afternoon, I finally started reading one of the books I've had sitting on my desk for a couple of months, but just hadn't gotten to. This one is File System Forensics (ISBN 0-32-126817-2) by Brian Carrier (of TASK/Sleuthkit and Autopsy fame). I had the privilege of meeting Brian at a SANS conference when he was still a grad student, just after he released the first version of TCTUTILS, though I'm sure he won't remember me. So far, it looks like it will be an excellent addition to the other forensic books on my book shelf. I'll let you know for sure during my next shift.
Jim Clausing, jclausing /at/ isc.sans.org, also see http://handlers.sans.org/jclausing/ I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - Live Online
Oct 9th 2005
1 decade ago