Difference between pages "Upcoming events" and "THE FARMER'S BOOT CD"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Calls For Papers)
 
 
Line 1: Line 1:
<b>PLEASE READ BEFORE YOU EDIT THE LISTS BELOW</b><br>
+
{{Infobox_Software |
Events should be posted in the correct section, and in date order.  An event should NEVER be listed in more than one section (i.e. Ongoing/Continuous events should not be listed in Scheduled Training).  When events begin the same day, events of a longer length should be listed first.  New postings of events with the same date(s) as other events should be added after events already in the list. If a provider offers the same event at several locations simultaneously, the listing should have a single (ONE) entry in the list with the date(s) and ALL locations for the event. Please use three-letter month abbreviations (i.e. Sep, NOT Sept. or September), use two digit dates (i.e. Jan 01 NOT Jan 1), and use date ranges rather than listing every date during an event(i.e. Jan 02-05, NOT Jan 02, 03, 04, 05).<br>
+
  name = THE FARMER'S BOOT CD |
<i>Some events may be <u>limited</u> to <b>Law Enforcement Only</b> or to a specific audience. Such restrictions should be noted when known.</i>
+
  maintainer = [[Thomas Rude]] |
 +
  os = {{Linux}}, {{Windows}} |
 +
  genre = {{Live CD}} |
 +
  license = ??? |
 +
  website = [http://www.forensicbootcd.com/ forensicbootcd.com] |
 +
}}
  
This is a BY DATE listing of upcoming events relevant to [[digital forensics]].  It is not an all inclusive list, but includes most well-known activities.  Some events may duplicate events on the generic [[conferences]] page, but entries in this list have specific dates and locations for the upcoming event.
+
'''THE FARMER'S BOOT CD''' ('''FBCD''') is a [[Linux]] [[boot CD]] developed by [[Thomas Rude]] ('farmerdude').
  
This listing is divided into four sections (described as follows):<br>
+
Taking a different approach than other [[Live CDs]], this CD was designed and optimized for previewing systems before acquiring. It contains a number of programs forensic practitioners can utilize to preview both [[Windows]] and [[Linux]] systems in a [[forensically sound]] manner.
<ol><li><b><u>Calls For Papers</u></b> - Calls for papers for either Journals or for Conferences, relevant to Digital Forensics (Name, Closing Date, URL)</li><br>
+
<li><b><u>Conferences</u></b> - Conferences relevant for Digital Forensics (Name, Date, Location, URL)</li><br>
+
<li><b><u>On-Going / Continuous Training</u></b> - Training opportunities that are either always available online/distance learning format (start anytime) or that are offered the same time every month (Name, date-if applicable, URL)</li><br>
+
<li><b><u>[[Scheduled Training Courses]]</u></b> - Training Classes/Courses that are scheduled for specific dates/locations. This would include online (or distance learning format) courses which begin on specific dates, instead of the "start anytime" courses listed in the previous section. (Provider, URL) (''note: this has been moved to its own page.'')<br></li></ol>
+
  
The Conference and Training List is provided by the American Academy of Forensic Sciences (AAFS) Digital and Multimedia Sciences Section Listserv. 
+
== Preview Capabilities ==
<i> (Subscribe by sending an email to listserv@lists.mitre.org with message body containing SUBSCRIBE AAFS-DIGITAL-MULTIMEDIA-LIST)</i>
+
Requests for additions, deletions or corrections to this list may be sent by email to David Baker <i>(bakerd AT mitre.org)</i>.
+
  
== Calls For Papers ==
+
THE FARMER'S BOOT CD has been designed for previewing both Windows and Linux systems. On-site previews before acquisitions is an emerging trend in the U.S.A. due to legal and technological reasons.
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
|- style="background:#bfbfbf; font-weight: bold"
+
! width="30%|Title
+
! width="15%"|Due Date
+
! width="15%"|Notification Date
+
! width="40%"|Website
+
|-
+
|Blackhat Briefings - Washington DC
+
|Jan 01, 2009
+
|Jan 16, 1009
+
|https://www.blackhat.com/html/bh-dc-09/bh-dc-09-cfp.html
+
|-
+
|USENIX '09
+
|Jan 09, 2009
+
|Mar 13, 2009
+
|http://www.usenix.org/events/usenix09/cfp/
+
|-
+
|Hacker Halted USA 2009
+
|Jan 15, 2009
+
|Feb 15, 2009
+
|http://www.eccouncil.org/hhusa/papers/page6.html
+
|-
+
|3rd Edition of Small Scale Digital Device Forensics Journal
+
|Jan 31, 2009
+
|
+
|http://www.ssddfj.org/Call.asp
+
|-
+
|4rd International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE-2009)
+
|Feb 01, 2009
+
|
+
|http://conf.ncku.edu.tw/sadfe/sadfe09/
+
|-
+
|Blackhat Briefings - Europe
+
|Feb 01, 2009
+
|Feb 15, 2009
+
|https://www.blackhat.com/html/bh-europe-09/bh-eu-09-cfp.html.
+
|-
+
|Usenix Security 2009
+
|Feb 04, 2009
+
|Apr 13, 2009
+
|http://www.usenix.org/events/sec09/cfp
+
|-
+
|2009 ADFSL Conference on Digital Forensics, Security and Law
+
|Feb 20, 2009
+
|
+
|http://www.digitalforensics-conference.org/callforpapers.htm
+
|-
+
|KDDD 2009
+
|Feb 02, 2009
+
|Apr 10, 2009
+
|http://www.sigkdd.org/kdd2009/
+
|-
+
|DFRWS 2009
+
|Mar 16, 2009
+
|Apr 28, 2009
+
|http://www.dfrws.org/2009/cfp.shtml
+
|-
+
|Layer One - 2009
+
|Apr 01, 2009
+
|Apr 15, 2009
+
|http://layerone.info/
+
|-
+
|ACM CCS 2009
+
|Apr ?? 2009
+
|
+
|http://www.sigsac.org/ccs
+
|-
+
|Usenix Lisa 2009
+
|Apr 30, 2009
+
|
+
|http://www.usenix.org/events/lisa09/cfp/
+
|-
+
|New Security Paradigms Conference 2009
+
|Apr ?? 2009
+
|
+
|http://www.nspw.org/current/
+
|-
+
|IEEE Symposium on Security and Privacy 2010
+
|Nov ?? 2009
+
|
+
|-
+
|ShmooCon 2010
+
|Dec ??, 2008
+
|Jan ??, 2009
+
|http://www.shmoocon.org/cfp.html
+
|-
+
|AusCERT Conference 2010
+
|Dec ??, 2008
+
|Jan ??, 2009
+
|http://conference.auscert.org.au/conf2010/cfp2010.html
+
|-
+
|}
+
  
== Conferences ==
+
Below is a short list of what can be accomplished in a simple GUI on this CD;
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
|- style="background:#bfbfbf; font-weight: bold"
+
! width="40%"|Title
+
! width="20%"|Date/Location
+
! width="40%"|Website
+
|-
+
|2009 DoD Cyber Crime Conference
+
|Jan 24-30<br>St. Louis, MO
+
|http://www.dodcybercrime.com/
+
|-
+
|5th Annual IFIP WG 11.9 International Conference on Digital Forensics
+
|Jan 25-28<br>Orlando, FL
+
|http://www.ifip119.org/Conferences/
+
|-
+
|ShmooCon 2009
+
|Feb 06-08<br>Washington, DC
+
|http://www.shmoocon.org/
+
|-
+
|American Academy of Forensic Sciences Annual Meeting
+
|Feb 16-21<br>Denver, CO
+
|http://www.aafs.org/default.asp?section_id=meetings&page_id=aafs_annual_meeting
+
|-
+
|Blackhat DC
+
|Feb 16-19<br>Washington, DC
+
|https://www.blackhat.com/html/bh-dc-09/bh-dc-09-main.html
+
|-
+
|24th Annual ACM Symposium on Applied Computing - Computer Forensics Track
+
|Mar 08-12<br>Honolulu, HI
+
|http://www.acm.org/conferences/sac/sac2009
+
|-
+
|ARES 2009 Conference
+
|Mar 16-19<br>Fukuoka, Japan
+
|http://www.ares-conference.eu/conf/
+
|-
+
|Security Opus
+
|Mar 17-18<br>San Francisco, CA
+
|http://www.securityopus.com
+
|-
+
|e-Crime Congress 2009
+
|Mar 24-25<br>London, United Kingdom
+
|http://www.e-crimecongress.org/ecrime2009/
+
|-
+
|Blackhat Europe
+
|Apr 14-17<br>Amsterdam, The Netherlands
+
|https://www.blackhat.com/html/bh-europe-09/bh-eu-09-main.html
+
|-
+
|AusCERT2009
+
|May 17-22<br>Gold Coast, Australia
+
|http://conference.auscert.org.au/conf2009/
+
|-
+
|Computer Security Institute: Security Exchange
+
|May 17-22<br>Las Vegas, NV
+
|http://www.csisx.com/
+
|-
+
|ADFSL 2009 Conference on Digital Forensics, Security and Law
+
|May 20-22<br>Burlington, VT
+
|http://www.digitalforensics-conference.org
+
|-
+
|Fourth International Workshop on Systematic Approaches to Digital Forensic Engineering
+
|May 22<br>Oakland, CA
+
|http://conf.ncku.edu.tw/sadfe/sadfe09/
+
|-
+
|LayerOne 2009 Security Conference
+
|May 23-24<br>Anaheim, CA
+
|http://layerone.info/
+
|-
+
|Mobile Forensics World 2009
+
|May 26-30<br>Chicago, IL
+
|http://www.mobileforensicsworld.com
+
|-
+
|2009 Techno Security Conference
+
|May 31-Jun 03<br>Myrtle Beach, SC
+
|http://www.techsec.com/index.html
+
|-
+
|IEEE ICC Communication and Information Systems Security (CISS) Symposium
+
|Jun 14-18<br>Dresden, Germany
+
|http://www.ieee-icc.org/2009/
+
|-
+
|Blackhat USA 2009
+
|Jul 25-30<br>Las Vegas, NV
+
|https://www.blackhat.com/
+
|-
+
|DefCon 17
+
|Jul 31-Aug 02<br>Las Vegas, NV
+
|http://www.defcon.org/
+
|-
+
|Usenix Security Sypmosium
+
|Aug 10-14<br>Montreal, Quebec, Canada
+
|http://www.usenix.org/events/sec09/
+
|-
+
|Digital Forensic Research Workshop
+
|Aug 17-19<br>Montreal, Quebec, Canada
+
|http://www.dfrws.org
+
|-
+
|Triennial Meeting of the European Academy of Forensic Science
+
|Sep 08-11<br>Glasgow, Scotland, UK
+
|http://www.eafs2009.com/
+
|-
+
|Hacker Halted USA 2009
+
|Sep 20-24<br>Miami, FL
+
|http://www.hackerhalted.com/usa
+
|-
+
|}
+
  
== On-going / Continuous Training ==
+
* Mount file systems read-only, including journalled file system types
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
* Obtain a list of deleted files for ext2, FAT12/16/32, and NTFS file system types
|- style="background:#bfbfbf; font-weight: bold"
+
* Undelete deleted files from NTFS file systems
! width="40%"|Title
+
* Obtain both E-mail and URL addresses from the Windows "pagefile.sys" file
! width="20%"|Date/Location
+
* Read the Recycle Bin INFO2 records
! width="40%"|Website
+
* Read Windows event log files (AppEvent.Evt, SecEvent.Evt, SysEvent.Evt)
|-
+
* Read many log files from Linux systems (shell histories, system logs, security logs, accounting logs, etc.)
|- style="background:pink;align:left"
+
* Obtain file system metainformation (creation date, last mount and write date, version, label, UUID, etc.)
! DISTANCE LEARNING
+
* Parse Internet cache files from IE, Mozilla, and Opera, pulling cookies and histories
|-
+
* Catalog target file system, selecting files of interest by extension or header
|Basic Computer Examiner Course - Computer Forensic Training Online
+
* Convert date/time between UNIX 32bit, UNIX hex, human readable, Windows 64bit, and Windows hex
|Distance Learning Format
+
* Generate thumbnails for all graphics in fully qualified path filename
|http://www.cftco.com
+
* Obtain drive information (serial number, make/model, firmware, HPA status, etc.)
|-
+
* Obtain system BIOS table information (serial numbers, dates, UUIDs, etc.)
|Linux Data Forensics Training
+
* Obtain system hardware catalog
|Distance Learning Format
+
* Double-clicking on most common file types opens them (Documents, Graphics, Presentations, Movies, Audio, etc.)
|http://www.crazytrain.com/training.html
+
|-
+
|SANS On-Demand Training
+
|Distance Learning Format
+
|http://www.sans.org/ondemand/?portal=69456f95660ade45be29c00b0c14aea1
+
|-
+
|- style="background:pink;align:left"
+
!RECURRING TRAINING
+
|-
+
|MaresWare Suite Training
+
|First full week every month<br>Atlanta, GA
+
|http://www.maresware.com/maresware/training/maresware.htm
+
|-
+
|Evidence Recovery for Windows Vista&trade;
+
|First full week every month<br>Brunswick, GA
+
|http://www.internetcrimes.net
+
|-
+
|Evidence Recovery for Windows Server&reg; 2003 R2
+
|Second full week every month<br>Brunswick, GA
+
|http://www.internetcrimes.net
+
|-
+
|Evidence Recovery for the Windows XP&trade; operating system  
+
|Third full week every month<br>Brunswick, GA
+
|http://www.internetcrimes.net
+
|-
+
|Computer Forensics Training and CCE&trade; Testing for Litigation Support Professionals
+
|Third weekend of every month(Fri-Mon)<br>Dallas, TX
+
|http://www.md5group.com
+
|-
+
|}
+
  
==See Also==
+
== External Links ==
* [[Scheduled Training Courses]]
+
 
==References==
+
* [http://www.forensicbootcd.com/site/view.html THE FARMER'S BOOT CD screen shots] - Screen Shots for Delve Preview Program on the FBCD.
* [http://faculty.cs.tamu.edu/guofei/sec_conf_stat.htm Computer Security Conference Ranking and Statistic]
+
* [http://www.forensicfocus.com/farmers-boot-cd Preview Data in Under Twenty Minutes] - Paper on previewing data quickly at http://www.forensicfocus.com.
* [http://www.kdnuggets.com/meetings/ Meetings and Conferences in Data Mining and Discovery]
+
* http://www.conferencealerts.com/data.htm Data Mining Conferences World-Wide]
+

Revision as of 05:38, 28 July 2012

THE FARMER'S BOOT CD
Maintainer: Thomas Rude
OS: Linux,Windows
Genre: Live CD
License:  ???
Website: forensicbootcd.com

THE FARMER'S BOOT CD (FBCD) is a Linux boot CD developed by Thomas Rude ('farmerdude').

Taking a different approach than other Live CDs, this CD was designed and optimized for previewing systems before acquiring. It contains a number of programs forensic practitioners can utilize to preview both Windows and Linux systems in a forensically sound manner.

Preview Capabilities

THE FARMER'S BOOT CD has been designed for previewing both Windows and Linux systems. On-site previews before acquisitions is an emerging trend in the U.S.A. due to legal and technological reasons.

Below is a short list of what can be accomplished in a simple GUI on this CD;

  • Mount file systems read-only, including journalled file system types
  • Obtain a list of deleted files for ext2, FAT12/16/32, and NTFS file system types
  • Undelete deleted files from NTFS file systems
  • Obtain both E-mail and URL addresses from the Windows "pagefile.sys" file
  • Read the Recycle Bin INFO2 records
  • Read Windows event log files (AppEvent.Evt, SecEvent.Evt, SysEvent.Evt)
  • Read many log files from Linux systems (shell histories, system logs, security logs, accounting logs, etc.)
  • Obtain file system metainformation (creation date, last mount and write date, version, label, UUID, etc.)
  • Parse Internet cache files from IE, Mozilla, and Opera, pulling cookies and histories
  • Catalog target file system, selecting files of interest by extension or header
  • Convert date/time between UNIX 32bit, UNIX hex, human readable, Windows 64bit, and Windows hex
  • Generate thumbnails for all graphics in fully qualified path filename
  • Obtain drive information (serial number, make/model, firmware, HPA status, etc.)
  • Obtain system BIOS table information (serial numbers, dates, UUIDs, etc.)
  • Obtain system hardware catalog
  • Double-clicking on most common file types opens them (Documents, Graphics, Presentations, Movies, Audio, etc.)

External Links