TC October, 2005

Forensics Discovery

Security workshop

Tuesday — October 4th, 2005 09:50

Wietse presents lessons learned about persistence of information in file systems and in main memory of modern computers – how long information persists and why. The results are based on measurements of a variety of UNIX and Linux systems, with some results for Windows/XP, including how to recover encrypted files without knowing the key.

Presenters

  • Wietse Venema, FIRST Liason Member

  • Wietse Venema (IBM, US) US

    Wietse Venema is known for his software such as the TCP Wrapper and the POSTFIX mail system. He co-authored the SATAN network scanner and the Coroner's Toolkit for forensic analysis, and wrote a book on forensic computing with Dan Farmer. Wietse received awards from the System Administrator's Guild (SAGE) and from the Netherlands UNIX User Group (NLUUG). He completed his two-year term as the chair of the international Forum of Incident Response and Security Teams (FIRST). Wietse has a Ph.D. in physics and is a research staff member at the IBM T.J.Watson research center in the USA.

Presentation files

venema-wietse-slides.pdf

Type: Slides

Format: application/pdf

Last Update: October 25th, 2005

Size: 426.22 Kb