In the mean time, I'll post some interesting things I've come across. I am personally always looking for more information on various computer forensics/security topics. After a recent conversation with some friends of mine from the John Jay College forensics program about how one can keep up with changes in these fields, I thought I might share a few resources that I use. Hopefully some of these links will be interesting to some of you. Instead of focusing on a particular tool, I'm going to focus on the human factor: where do you find people who are interested/experts in these fields? Where can you hear them talk? Where can you interact with them? Where can you get further information about a particular subject?
Podcasts / Webcasts
There are some interesting podcasts out there. Most people already know about them, but what the heck, I'm going to list some anyway in alphabetical order:
SANS' last webcast was a very good overview of what can be accomplished with memory forensics. Also Talk Forensics and PaulDotCom recently had two great podcasts with Harlan Carvey - the man of Windows Forensics. Exotic Liability is a fairly new security podcast that is as extremely interesting and entertaining. The nice thing about most of these podcasts is that you can ask questions in real time by online chat or by calling in to the show.
Forums / Listserves
Well, there are a ton of different forums/listserves for various things. Here is a short list:
- Linux Forensics Listserv
- Metasploit Listserv
- Volatility Users and Developers Listserves
- Windows Forensics Listserv
There are just too, too many to list. So, I'll tell you what I'll do... I'll give you my (edited) Google Feeds xml file if you are interested in finding more blogs. If you use Google Reader you can just import the file. I've tried to split things up into 3 categories: Forensics, Technical Law and Security. Some things overlap. Don't be offended if you own one of these blogs and aren't "listed correctly." One thing I like about using Google Reader is the ability to search over the blog posts. There are lots of times I remember reading something, but can't quite remember where I found it... this helps.
Lots of computer forensics and security professionals can be found on Twitter. I've enjoyed my time on twitter talking with everyone there. Since I'm afraid to leave anyone out, I'll abstain from listing anyone at this point, but most of the people discussed above are on twitter and if you just search for security or forensics you'll end up finding a few more. Also a lot of people who maintain blogs also post links to their twitter profiles. Now of course, there is always the chance that someone could be "disinformational" either on purpose or not (Didier Stevens is not by the way ;-)) but more than likely you will learn a lot from people and will keep up with current events.
In spite of some of the bad things that have happened on LinkedIn in the past, it is a very helpful tool for networking and gaining information. In addition to establishing contacts with others who are in your field, you can also join groups for your interests. There are several computer forensics and security groups on LinkedIn that are very "happening" as far as member participation. Joining is easy. Some groups may have criteria about who may join, but you can search for groups by subject and decide which ones fit your interests.
Well, that's enough for now... I'm going back to hang out on #volatility on irc.freenode.net ;-)