Full Disclosure mailing list archives

Re: SANS Stuff

From: James Tucker <jftucker () gmail com>
Date: Mon, 05 Dec 2005 20:08:06 +0000

c0ntex wrote:

On 05/12/05, InfoSecBOFH <infosecbofh () gmail com> wrote:

That is hilarious and proves that a.) Mr. Tucker has his head so far
up SANS ass...that he can't see how stupid it really is and b.)  SANS
is truly a waste of time/money.


I think James just misread my email as unfounded, since I never
supplied a link to the page, or something.

Maybe I am just missing it but I can't really see how promoting
knowledge of the outdated FAT file system will make
you "Sharp", it's not exactly a cutting edge technology...  coupled

with the requirement to know what a file and a directory is -wouldn't attending that make you feel like a right chump.


Next thing we will have Morning_Wood coming out with an "0day Exploit
Code" for file creation lol

Staying sharp could mean many things.

Yes, I completely agree that this course does not keep you up to datewith current file system technologies, and it is becoming increasinglyunlikely that one could provide any valuable forensic service with onlya knowledge of FAT.


However:

1. that course is only $200.
2. all filesystem courses introduce simple filesystems first,

3. this is a short course, it's not likely they could get mostcandidates further without damaging the retention ratio significantly.

Suggesting that teaching of old filesystems is useless is moronic,everyone has to start to learn somewhere.

I don't therefore find it "funny" that it's being offered. FYI this isgenerally the type of course you would find at a university during anintroductory OS course.


"After taking this class you'll no longer have to rely on your automated
forensic tools, you'll be able to dive down to the byte level. You'll
even be able to find data that your automated tools might miss. -Michael Murr "

- that is hilariously out of date however, and also may be now incorrect due to changes of scale.







_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

SANS Stuff c0ntex (Dec 05)
- Message not available
  - Re: SANS Stuff c0ntex (Dec 05)
- Message not available
  - Message not available
    - Message not available
    - Re: SANS Stuff c0ntex (Dec 05)
    - Re: SANS Stuff InfoSecBOFH (Dec 05)
    - Re: SANS Stuff c0ntex (Dec 05)
    - Re: SANS Stuff James Tucker (Dec 05)
    - Re: SANS Stuff Technica Forensis (Dec 05)
    - Re: SANS Stuff c0ntex (Dec 05)
    - Re: SANS Stuff Technica Forensis (Dec 05)
    - Re: SANS Stuff James Tucker (Dec 05)
    - RE: SANS Stuff Lyal Collins (Dec 05)
    - Re: SANS Stuff mary (Dec 05)
    - Re: SANS Stuff Valdis . Kletnieks (Dec 05)
    - Re: SANS Stuff bkfsec (Dec 06)
    - Message not available
    - Re: SANS Stuff mary (Dec 07)
- <Possible follow-ups>
- RE: SANS Stuff Madison, Marc (Dec 05)

(Thread continues...)