Notes from MerriLUG meeting of 20-Sept-2006

Ted Roche tedroche at tedroche.com
Fri Sep 22 11:18:01 EDT 2006 

Seventeen people attended the monthly meeting of the Merrimack Valley  
Linux Users Group, held as usual on the third Thursday of the month  
in the function rooms upstairs at Martha's Exchange in Nashua, NH.

LUG co-ordinator Heather Brodeur lead off the introductions, welcomed  
three new attendees, and announced upcoming meetings, including  
Hosstraders and a two-day session "Deep AJAX" put on by the Greater  
Boston Chapter of the Association of Computing Machinery (GBC/ACM).  
The two day session takes place on October 14 & 15 (Saturday and  
Sunday) and feature all-day workshops by the authors of the Dojo  
Toolkit and Django Framework and YUI Yahoo! User Interface. Price is  
$495 if you sign up by September 30th, $600 thereafter.  Details at:

http://www.gbcacm.org/website/deepajax/Ajax%20Seminar.htm

The main presentation was by Andy Bair of MITRE. Andy and his team  
from Korelogic [0]  finished first in the recent Digital Forensic  
Research Workshop 2006 Data Carving Challenge [1]. Andy described the  
challenge: 50 Mb of data with no known start or end points, file  
types, state of fragmentation, etc., and the techniques his team used  
to analyze the data, extending and modifying tools the team had  
previously developed (FTimes [2] , XMagic) and using common UNIX  
tools like dd, bvi and file to identify file start and end-points and  
"carve" the files from the data sample and verify them. Andy  
estimated his team devoted 550 hours to the challenge, but with the  
development of the (Open Source) tools and methodologies[3] they  
created, could repeat the feat in around 100 hours. Andy said his  
team is continuing to develop their tools with the goal of automating  
as much of the process as possible.

A very interesting presentation. Thanks, Andy, for the presentation,  
thanks to Heather for running the event, and to Martha's Exchange for  
use of the room.

[0] http://www.korelogic.com/
[1] http://www.dfrws.org/2006/challenge/submissions/
[2] http://sourceforge.net/projects/ftimes
[3] http://www.dfrws.org/2006/challenge/submissions/bair/

Ted Roche
Ted Roche & Associates, LLC
http://www.tedroche.com

More information about the gnhlug-discuss mailing list