Practical Packet Analysis (with Chris Sanders)
Practical Packet Analysis (with Chris Sanders)
Practical Packet Analysis (with Chris Sanders)
ADVANCED PERSISTENT SECURITY PODCAST
EPISODE 32
GUEST:Chris Sanders
January 9, 2017
If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, Blubrry, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers
Practical Packet Analysis (with Chris Sanders)
SHOW NOTES
PART 1
Joe introduces Chris and talks about his work and accomplishments. We transition to talking about the “Russian Hackers” and the “GRIZZLY STEPPE” report. We provide analysis of the quality of application of the IP addresses and hashes in the reports. Attribution is discussed in terms of Russia versus China. We talk about “Nation State” and the implications of such attribution. We talk about the role of Social Engineering and spear phishing in the success. Chris and I debunk the Vermont “Power Grid” attack in terms of application and the news reports. We talk about proper research and identifying bias and skew.
Resources Used
US CERT Report on GRIZZLY STEPPE
US CERT Site about GRIZZLY STEPPE
CNBC Article about Russia’s Role in DNC Hack
Washington Post article detracting attribution of Vermont Power Grid attack to Russia
PART 2
We kick it off by asking Chris the origin of Practical Packet Analysis. Chris tells us that the first edition came 10 years ago (in 2006) as he was studying in college at age 19 (published at age 20). It all started with a blog post. Someone posted it to Dig and crashed his site. He was contacted by No Starch press who asked him to write it. Chris said that he initially wrote it to help pay his way through college, but at the time he was fairly young and not experienced enough to write a really great book. The next edition was really about redemption and making the book live up to its potential. Chris talks about how this was not originally a security book, but rather network monitoring and packet analysis.
PART 3
Chris talks about his Investigative Theory training and the correlation between his writing and teaching. He talks about the lack of training in terms of how to apply tools and how to investigate. Chris talks about his interaction with the course and how the questions are structured. He explains how human and cognitive psychology plays into investigating. His January class is full and his March class is almost full.
We shift to discuss the Rural Tech Fund. Chris lost his mother and sister at a young age. The house he grew up in recently sold at auction for $14,000. Like me, he had little opportunity to be successful, less learn technology. A teacher named Ms. Jackson told Chris that he would do great things, but to “Remember where he came from.” Chris shifted the focus from scholarships to the classrooms. He helped to get teachers involved to help impact over 10,000 students last year in the donation of equipment. In 2017, Chris wants to impact 25,000 students.
ABOUT Chris
Chris Sanders is an information security consultant, author, and researcher. He is the leader of a detection and investigation research team at FireEye and has extensive experience supporting multiple government and military agencies, as well as several Fortune 500 companies. In multiple roles with the US Department of Defense, Chris helped to create several NSM and intelligence tools currently being used to defend the interests of the nation.
Chris has authored several books and articles, including the international best seller “Practical Packet Analysis” form No Starch Press, currently in its third edition and in seven languages, and “Applied Network Security Monitoring” from Syngress. He is currently pursuing a PhD in Cognitive Psychology in an attempt to enhance the field of security investigative technique through a better understanding of the human thought and learning processes.
Chris is the founder and director of the Rural Technology Fund, a non-profit that donates thousands of dollars in scholarships and equipment annually to further technical education in rural and high poverty areas.
CONTACTING Chris:
Twitter: @ChrisSanders88
Chris’ Books:
Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
Applied Network Security Monitoring: Collection, Detection, and Analysis
Joe’s Blog on Jenny Radcliffe’s Deception Chronicle
Jenny Radcliffe’s Deception Chronicles
Joe’s Dyn DDOS Blog on Tripwire:
Joe’s Ranking in the AlienVault Top Blogs of 2016:
PASSWORD BLOG LINKS:
Hosted Locally on Advanced Persistent Security
WI-FI BLOG LINK:
Hosted Locally on Advanced Persistent Security
POWERSHELL LINK:
JOE’S BLOG ON ITSP:
When Friendly Thermostats & Toasters Join The IoT Dark Side
Joe’s Blog on Tripwire:
Burgling From an OSINT Point of View
Joe’s Blogs on Sword & Shield Enterprise Security’s site:
Holiday Shopping Safety Series: Shopping Via Credit Card and e-Commerce
Holiday Shopping Safety Series: Holiday Scams and Hoaxes
Joe’s Work with WATE 6 News in Knoxville, TN:
Shopping online safely this holiday season
iPhone scam uses text messages to hack iCloud information
Maryville hacker takes over Facebook accounts
Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Enter your email address:
Delivered by FeedBurner
SUBSCRIBE TO OUR MAILING LIST
* indicates required
Email Address *
First Name
Last Name
The post Practical Packet Analysis (with Chris Sanders) first appeared on Advanced Persistent Security.
