fearnothing

OK yeah I knew about using ddrescue; I didn't know that you could gather the exact error, though it doesn't surprise me. But can you actually override the controller's read algorithms to pick up data where the write process has actually failed at the magnetic level to write a good signal? Because that's the part where it starts sounding to me like snake oil. Thanks for reminding me about the talk, I couldn't watch it yesterday and by today I'd forgotten.

OK, let me just say that my degree's in computer forensics, so for one thing I can see that the SpinRite FAQ page is skating around the edges of plausibility and being unnecessarily vague. I'm not familiar with how malleable drive firmware is these days so I can't be certain the stuff about "low level data integrity maintenance" is bullshit, but the language in general is similar to diet pill adverts, faith healing and homeopathy. I assume when you mention the CRC that can't be seen, you're talking about the overhead data that's part of the drive's basic formatting (not the partition/volume format, the disk format itself)? My current understanding is that the controller alone can see this information on modern disks.

I think you've picked up on a different SecurityNow than the one I was asking about, which is this podcast.

Not exactly a hacking question but I figured some of you guys might have had some first-hand experience with this tool. I'm asking because almost everything I've read about this triggers my pseudoscience alarm bells, but someone I work with who is in all other respects very smart and well educated is insisting that it's everything the sales pitch claims. Honestly, my gut feeling is that Steve Gibson is the techie equivalent of a cult leader, and if I could find any kind of corroboration for this damning dissection of his work, I'd be ready to dismiss SpinRite and associated products completely. Bonus question: does SecurityNow fall under the same heading? Or does that have some separate worth of its own?

Mainly the direction I want my learning to go is hardening first, malware analysis second - my career is in incident response and degree is forensics to give you some idea of background. Thanks for the pointers so far :)

Morning all, I've been lucky enough to get myself a spot in a top-notch SOC. While I'm a smart kid, I'm still a long way from being an expert, and one of the steps on the road to becoming a security zen master is a way to learn all the stuff I won't learn on the job. Hence, personal lab is required. I've had some ideas, and some advice from a good friend who knows what he's talking about, and some of his advice was to ask you guys for thoughts. My main goals for a lab are: - Proxy server - Firewall - VPN - Some sort of basic NIDS/NIPS Additional goals, but these are stretch goals: - DHCP - Start learning about AD - Pen testing - Malware analysis My budget isn't huge but I can probably stretch to close to €1,000 at the minute. I'm still working on the details, which is where I hope you can come in with some thoughts. Firstly, hardware. I'm thinking that I can get a shuttle/HTPC box and max out the RAM (16GB or even 32), then virtualize most of the functions with ESXi. Should I plan for more than one physical box or is one enough for now? For OS, I want to do as much with Linux as possible because although I've used it, I'm still pretty green. Are there distros you would recommend for this? Bonus points for the less dependency headaches I have with installing the various software packages. I've only done a very small amount of exploration on applications, enough to suggest that squid might be a good place to start for a proxy but no more than that really. Walkthroughs, guidance, instructions - I know what it's like to be constantly pestered by newbies on really basic questions so if you can point me at resources that will help to save me from asking them, that would be great. I have a couple of books that I'm sure will have some relevant stuff in, but they're not exactly tailored to this specific task - if you know of more that will be a good idea for me to read for this purpose, please say so. Finally, if I also plan on setting up a media server, could this be done on the same machine or should I avoid that? Thanks for your time, fearnothing