mirror of https://github.com/dirtbags/moth.git
class info emails
This commit is contained in:
parent
9f37f1f591
commit
f4c24f2b2b
|
@ -0,0 +1,75 @@
|
|||
Hi all,
|
||||
|
||||
You've been identified as registering for the Host Forensic online track of=
|
||||
Tracer FIRE 5. We will be conducting a one-day online class and we have s=
|
||||
plit the group of participants in two. If you're receiving this email, you=
|
||||
are registered for the Monday session. Wait, you ask what shall I do on T=
|
||||
uesday? Well, we have an opportunity for you to attend the Incident Coordi=
|
||||
nator online class. If you are interested in the Incident Coordinator cour=
|
||||
se, you can email Ben Anderson (brander@sandia.gov<mailto:brander@sandia.go=
|
||||
v>) or either myself or Dawn Abbott (emails listed below).
|
||||
|
||||
We've tried to keep attendees from the same site together on the same day. =
|
||||
If that didn't occur or for some other reason, and you really need to req=
|
||||
uest a change to attend the Tuesday online course please send an email to m=
|
||||
yself (ksnauer@sandia.gov<mailto:ksnauer@sandia.gov>) or to Dawn Abbott (dc=
|
||||
abbot@sandia.gov<mailto:dcabbot@sandia.gov>).
|
||||
|
||||
Also, you will need to have a certain configuration for your computer that =
|
||||
you'll be using to view and participate in the online course listed below.
|
||||
|
||||
Here are the requirements for virtual students of the Host Forensic track (=
|
||||
most software is available for free or you can use a trial version):
|
||||
|
||||
|
||||
1) You will need a computer running Windows 7 (or a virtual machine ru=
|
||||
nning Windows 7) with the Lync Attendee client (http://www.microsoft.com/en=
|
||||
-us/download/details.aspx?id=3D15755). The urls are provided below for all=
|
||||
of the software mentioned:
|
||||
|
||||
a. Sleuthkit 3.x or 4.0 ( http://www.sleuthkit.org/sleuthkit/download=
|
||||
.php )
|
||||
|
||||
b. Volatility 2.1 ( https://www.volatilesystems.com/default/volatility=
|
||||
)
|
||||
|
||||
c. Python 2.7.x ( http://www.python.org/download/releases/2.7.3/ )
|
||||
|
||||
d. PDF Dissector by Zynamics (optional)
|
||||
|
||||
e. Pdfubar ( http://code.google.com/p/pdfubar/ )
|
||||
|
||||
f. Jdgui ( http://java.decompiler.free.fr/ )
|
||||
|
||||
g. Java jvm ( http://www.java.com/en/download/index.jsp )
|
||||
|
||||
h. Ida Pro free version (or commercial if you already have a license) =
|
||||
http://out7.hex-rays.com/files/idafree50.exe
|
||||
|
||||
i. Wireshark ( http://www.wireshark.org/download.html )
|
||||
|
||||
j. a hex editor of your choice (example: http://www.hexworkshop.com=
|
||||
/)
|
||||
|
||||
k. Vmware workstation with Windows installed (for testing malcode)
|
||||
|
||||
|
||||
|
||||
2) A set of headphones (microphone not necessary) so you can listen in=
|
||||
to your online class if you're sitting in RECOIL facility (Albuquerque hub =
|
||||
attendees). If you are participating from the Albuquerque hub, you should =
|
||||
have received a separate email from Dawn Abbott with directions and a map o=
|
||||
f our location.
|
||||
|
||||
The url for attending the online class will be: https://meeting.sandia.gov=
|
||||
/ksnauer/W2NQ7RB5
|
||||
|
||||
Please join the meeting as a guest if you are not a Sandia staff member and=
|
||||
use the email address you registered with or just your name and organizat=
|
||||
ion.
|
||||
|
||||
See you on Monday.
|
||||
|
||||
Thanks,
|
||||
Kevin Nauer
|
||||
Sandia National Labs
|
|
@ -0,0 +1,84 @@
|
|||
Hi all,
|
||||
|
||||
You've been identified as registering for the Incident Coordinator online t=
|
||||
rack of Tracer FIRE 5 (Online). This is a one-day online class that will b=
|
||||
e given on Monday and Tuesday. i.e. - The content from Monday will be repe=
|
||||
ated on Tuesday. Please see the list at the bottom of this email for which=
|
||||
day you are scheduled for. While I would ask you try and stay with the se=
|
||||
lected day, the phone bridge will support everyone who requested to attend =
|
||||
so, if you need to change days, we should be able to accommodate you. Just=
|
||||
send me an email. (brander@sandia.gov<mailto:brander@sandia.gov>)
|
||||
|
||||
You will need to have a certain configuration for your computer and softwar=
|
||||
e that you'll be using to view and participate in the online course. These=
|
||||
are listed below:
|
||||
|
||||
1) You will need a computer running Windows 7 (or a virtual machine ru=
|
||||
nning Windows 7) with the Lync Attendee client (http://www.microsoft.com/en=
|
||||
-us/download/details.aspx?id=3D15755).
|
||||
a. PlotWeaver: Download at: http://ogievetsky.com/PlotWeaver/
|
||||
|
||||
2) A set of headphones (microphone not necessary) so you can listen in=
|
||||
to your online class if you're sitting in RECOIL facility (Albuquerque hub =
|
||||
attendees). If you are participating from the Albuquerque hub, you should =
|
||||
have received a separate email from Dawn Abbott with directions and a map o=
|
||||
f our location.
|
||||
|
||||
|
||||
The url for attending the online class will be: https://meeting.sandia.gov/=
|
||||
brander/N5SFHZMN
|
||||
|
||||
Please join the meeting as a guest if you are not a Sandia staff member and=
|
||||
use the email address you registered with (or just your name and organiza=
|
||||
tion).
|
||||
|
||||
In conjunction with Lync, we will be using a phone bridge. Lync audio can =
|
||||
be problematic, so we will have the phone as a backup.
|
||||
|
||||
The phone bridge information:
|
||||
|
||||
Phone #: 505-844-1208
|
||||
Or Toll Free within U.S. #: 1-877-720-1159
|
||||
Participant code: 186974
|
||||
|
||||
|
||||
Let me know if you have any questions. See you next week.
|
||||
|
||||
Ben Anderson
|
||||
Sandia National Laboratories
|
||||
brander@sandia.gov
|
||||
|
||||
|
||||
CLASS LIST
|
||||
|
||||
Monday Tuesda=
|
||||
y
|
||||
Anna Larez Brian B=
|
||||
randaw
|
||||
Diane Den Adel Kevin Bivens
|
||||
Drew Christensen Greg Cisko
|
||||
Geoffrey Jones Drew Sandqui=
|
||||
st
|
||||
Jennifer O'Sullivan Grant Jansen
|
||||
Jeremy Teuton Jeff Horne
|
||||
John Senn Julio M=
|
||||
asia
|
||||
Lyron Cobbins Mike Sleepe=
|
||||
r
|
||||
Jody Malik mjames
|
||||
Maria Kaneshiro Richard Grand=
|
||||
y
|
||||
Mike Cantrell Senteria =
|
||||
Jones
|
||||
Patrick O'Connell Steven Smiley
|
||||
Samuel Clements Timothy Larkin
|
||||
Seth Thompson Whinston Antio=
|
||||
n
|
||||
Tom Hankins Mark Gomez
|
||||
Frank Sornson Chris Collo=
|
||||
rd
|
||||
Craig Bowser
|
||||
Sean Nixon
|
||||
Forrest Reed
|
||||
Nadine Miller
|
||||
Dave Davis
|
|
@ -0,0 +1,29 @@
|
|||
You are registered for the Tracer Fire Malware Reverse Engineering c=
|
||||
lass starting February 4th at 8:00AM Mountain time. I will be conduct=
|
||||
ing the class through the GotoWebinar (<a href=3D"http://www.gotomeeting.co=
|
||||
m/fec/webinar">http://www.gotomeeting.com/fec/webinar</a>)
|
||||
software. Please check requirements for this tool before you attempt to co=
|
||||
nnect on Monday morning. On Monday morning I will send out the connection d=
|
||||
etails for the conference bridge and the link for the webinar connection.
|
||||
|
||||
Below are the requirements for participation in the class and labs:<br>
|
||||
|
||||
Laptop running VMware Workstation at least version 9. (VMware Fusion on the=
|
||||
Mac is fine)<br>
|
||||
|
||||
Fully configured VMware Workstation Windows 7 virtual machine (An XP image =
|
||||
will work as well). You must have administrative privileges and be able to =
|
||||
completely disable AV or remove it on all machines.<br>
|
||||
|
||||
If you bring a system with VirtualBox, VMware ESX Server, or anything that =
|
||||
is not VMware Workstation be aware that some (possibly all) of the labs mig=
|
||||
ht have problems.<br>
|
||||
|
||||
You will need an irc client and the ability to connect to an IRC server on =
|
||||
the internet. Pidgin is a nice client and tends to work with proxies quite =
|
||||
well. The IRC server we will be using is irc.oftc.net.
|
||||
|
||||
|
||||
Thanks<br>
|
||||
|
||||
Russ<br>
|
Loading…
Reference in New Issue