Network Forensics Fun: Packet Pillaging Done Right!

Presented at BSidesSF 2015, April 20, 2015, 10 a.m. (120 minutes)

In this talk, I will walk attendees through how Bechtel's "Team DOFIR" took 1st place in LMG Security's Network Forensics Puzzle Contest (NFPC) at DefCon 22. Each year, LMG holds an awesome contest, and we are proud to show the tech that we used to complete last year's challenge. To solve the sucker, we used tools such as Wireshark, tshark, tcpflow, bash, perl (regex one-liners baby!), Python (w/various modules), and others. I'll show how we put together some scripts and commands in order to streamline our methodology. My goal: Show off some cool network forensics tech and garner interest for this year's NFPC. We want some top-notch competition, so check out what we have to offer and be sure to get your game on this year!

Register for this workshop: https://www.eventbrite.com/e/bsidessf-network-forensics-fun-packet-pillaging-done-right-son-tickets-16391442245

Prerequisites: Coming Soon

Presenters:

  • Ryan Chapman - Computer Incident Response Analyst - Bechtel Corporation
    Ryan Chapman works as an incident response analyst for Bechtel Corporation. Ryan enjoys the challenge of handling incidents, reversing malware, and automating tasks for the security operations center. He also loves public speaking and has presented at venues such as BSides, CactusCon, Splunk .Conf, and others. Ryan has a fondness for doing stand-up comedy and retro gaming, and plays plenty of Street Fighter. Hadouken!
