March 4, 2008

The Keen Nose: Laura Chappell, Specialist in Network Packet Sniffing

(PowerOp: I'm trying bilingual blogging now; please leave me your comments and feedback.)

When I first got to know packet sniffers back in college, I thought it was just another dirty trick for geeks.

I was wrong. So wrong.

If you know how to position and practice this skill in the IT industry, you'll be regarded as a "network protocol analysis guru".

In the Novell Open Audio episode titled "C.S.I. - Computer System Investigation with Laura Chappell", this energetic lady, Laura Chappell, told us about her adventures as a network forensics expert:


- It can catch a serial killer: Laura talked about the story of the BTK Killer and how the police found out who he was from the metadata embedded in a Microsoft Word document on the floppy disk that he used to communicate with the police. (In her own experience, from the HTTP traffic, she once caught a student ordering weapons to be delivered to him, care of the school!)

- It can be fun: By tweaking LAN packets, she beat her son in World of Warcraft despite the fact that her character's level was way lower than her son's.

- It can be a good business: she runs three companies now:
  * Protocol Analysis Institute helps companies wiretap their networks and nail down breaches or attacks.
  * Wireshark University provides training and certification programs for Wireshark. Laura mentioned that the Wireshark developers do not have time to do this, so she suggested that she could build the training arm for Wireshark. (ref. Wireshark: Wireshark University Announced from Wireshark.org)
  * A yet-to-be-announced company that will be a "one-stop shop" for investigation, including network forensic investigation, host forensic investigation, private investigation and global investigation. It will be located in San Jose, California.

Good news for us leechers (grin) - some of the materials can be downloaded for free:

- Laura Chappell's Animated Articles Archives from the Novell Connection Magazine. You can also download Laura's Lab Kit version 8 from that page, an .iso file of 3.3 Gigabytes!!
- The download area on the Protocol Analysis Institute website, which includes trace files, newsletters and articles.

Posted by ystuan at 樂多Roodo! │ 14:02 │ Free Software - Network Management
Roodo category: Internet/3C; shared topic: Free Software
Tags: Wireshark