diff --git a/doc/2013-02-TF5/netre-email.txt b/doc/2013-02-TF5/netre-email.txt deleted file mode 100644 index 13dc0d0..0000000 --- a/doc/2013-02-TF5/netre-email.txt +++ /dev/null @@ -1,165 +0,0 @@ -From: Neale Pickett -To: RCPT -Subject: Tracer FIRE: Network Archaeology Information - -Welcome to the Network Archaeology course! - -Your token is: TOKEN. Please write this down, but protect it as -though it were a password. - - -Summary --------- - -* 8-11 AM and 1-4 PM (US/Mountain), Mon Feb 4 - Tue Feb 5 -* Get started at http://tf5.lanl.gov/netarch.html -* Work at your own pace, using tutorial videos on YouTube -* Connect to irc://irc.oftc.net/netarch for Q/A -* Use you token (TOKEN) to ask questions and check lab answers - -IRC is going to be the biggest challenge for some participants. We urge -you to connect to IRC and test the channel moderation bot before Monday, -since we won't be able to help you get connected during the course. - - - -What to Expect ------------- - -Network Archaeology is a self-paced course, consisting of tutorial -labs and video tutorials on YouTube. Instructors are available on IRC -(Internet Relay Chat) to answer questions and provide help as you work -through the labs at your own speed. - -When the course begins Monday morning at 8:00AM US/Mountain, log on to -IRC, then check the web page at http://tf5.lanl.gov/netarch.html for links -to the lab server, an introductory video, and tutorial videos on YouTube. - -After the first 8 labs, we expect you to figure out on your own -how to approach and solve problems. We will update the page at -http://tf5.lanl.gov/netarch.html with links to more tutorial videos to -keep you from getting stuck, though. - -You will see questions and answers in the IRC channel. When you have -a question of your own, message the moderator from your IRC client: - - /msg netarch-moderator TOKEN What does = mean in base64? - - - -Course requirements ----------------- - -You need: - -* A laptop with Linux or MacOS (Linux preferred, inside a VM is fine) -* Wireshark -* tcpdump -* tcpflow -* gcc and make -* python3 -* A plain text or code editor, such as gedit -* An IRC client such as xchat or pidgin - -Please have all your software installed and ready to go when the course -begins. We will not be available to help with software installation. - - - -Connecting to IRC --------------- - -IRC is the technology used by NNSA's Tracer group for collaborative -incident response, and it will soon be used by DOE's NSM group as well. -If you have never used IRC before, we urge you to test it out before -Monday. Neither Patrick nor Neale will be available to provide assistance -connecting to IRC after the course begins: please familiarize yourself -with IRC before Monday. - -If you are on LANL's collab IRC server, you may join channel #tf5 right -now; I am in the channel and would be happy to chat with you. The collab -channel is unmoderated, you may ask questions right in the channel. -You can skip the rest of the IRC sections. - -If you are not on LANL's collab IRC server, or don't know what that means, -you need to connect to the moderated channel on OFTC. You may install -any IRC client you like--I use xchat--and tell it to connect to the OFTC -network (irc.oftc.net). - -If you can't connect to IRC with an installed client, you may have better -luck with the web-based Mibbit (http://www.mibbit.com/). Remember to -select the OFTC network, and to put # in front of channel names. - - - -IRC Channels ----------- - -There are two OFTC channel for the course: #tf5 and #netarch. - -#tf5 is an unmoderated channel for all Tracer FIRE 5 participants. -You may be able to get help from other people (not the instructors) -in #tf5. You don't have to join #tf5, though: it's optional. - -#netarch is the course channel, and is moderated. Questions must be -sent to netarch-moderator, with your token. For example: - - /msg netarch-moderator TOKEN How do I start a Python shell? - -netarch-moderator will reply saying it has put your question in the queue, -and it will send your question to #netarch when the instructors are ready. - -If you provide an invalid token, or don't provide a token at all, the -moderator will not respond. - - - -Testing your IRC connection ----------------------- - -I implore you to connect to IRC right now, join #netarch, and make sure -you understand how to send messages to the moderator. You can verify -that the moderator sees your token by typing: - - /msg netarch-moderator TOKEN test - - - -Where to go for technical support --------------------------- - -Due to the number of participants we have this year, we will not be able -to provide any technical support outside of helping you work through labs. -There will be people in the #tf5 IRC channel who may be willing to assist -you if you ask nicely. - -For this reason, it is very important that you have figured out how to -connect to IRC before Monday. There are many resources on the Internet -to help you with this. - -A few of you will be unable to connect to IRC, even after going over -the instructions in this email carefully. I apologize in advance for -being unable to help you get connected during the course. - - - -About your Instructors ------------------- - - Neale Pickett, Los Alamos National Laboratory - Neale created the network archaeology toolkit for python, and is - the principal organizer of Tracer FIRE. He has been involved in - several high-profile incident response efforts across DOE/NNSA - since 2005, and has been teaching this course since 2010. - - Patrick Avery, Pantex Plant - Patrick, a former and current student of Neale, is one of the - biggest advertisers of the network archaology toolkit -- singing - its glory from the mountaintops. He has been involved in several - high-profile incident response efforts across DOE/NNSA since - 2009 and has been assisting with this course since 2011. - - The Tracer FIRE Registration and Moderation Fairies - The Tracer FIRE Fairies are new in 2013. The Registration Fairy - is sorry for sending so many emails, and the Moderation Fairy is - sorry you lost your token (which is TOKEN).