
<p dir="ltr">I'm interested.</p>

<div class="gmail_quote">On Jun 15, 2015 6:49 AM, "Bacon Zombie" <<a href="mailto:baconzombie@gmail.com">baconzombie@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr">Hey,</p>

<p dir="ltr">Any change the slides/class notes and files can be posted online? I know asking for video of talks/presentations if probably too much.</p>

<p dir="ltr">Regards,</p>

<p dir="ltr">An Irish Hacker currently in Berlin.</p>

<div class="gmail_quote">On 14 Jun 2015 21:51, "David Stainton" <<a href="mailto:dstainton415@gmail.com" target="_blank">dstainton415@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Dear Noisebridge,<br>

<br>

<br>

Two things to say:<br>

<br>

1. every popular TCP analyzer software needs to be rewritten to handle<br>

TCP injection attacks properly. Here are all the TCP injection attacks<br>

that are possible:<br>

<a href="https://github.com/david415/HoneyBadger_docs/blob/hackpad1/source/how-to-badger-the-puppet-masters.rst#tcp-injection-attack-categories" rel="noreferrer" target="_blank">https://github.com/david415/HoneyBadger_docs/blob/hackpad1/source/how-to-badger-the-puppet-masters.rst#tcp-injection-attack-categories</a><br>

<br>

<br>

2. I'd like to start a class/group that regularly meets in person or<br>

online; collectively writes network forensics tools.<br>

<br>

I'm not sure if there's enough technical interest on this subject...<br>

but if there is then I'd like to teach about TCP protocol<br>

analysis/anomaly detection, low level network programming, ethernet<br>

sniffer packet capture methods, offensive packet spraying for<br>

detecting Great Cannon MITM etc.<br>

<br>

Those of you that know me might've noticed that in the past year I've<br>

become completely obsessed with network protocol anomaly detection,<br>

forensics, attack detection etc. especially when it comes to the<br>

subject of NSA attacks on TCP mentioned in Snowden documents.<br>

<br>

Ultimately I feel that a more healthy and balanced interaction in a<br>

group setting would be a "working group" instead of a class... in this<br>

case a low level network programming working group... but we could<br>

start out as a class.<br>

<br>

<br>

Are others interested in getting together to talk about the gory<br>

technical details of writing "network forensics software"?<br>

If the answer is no then I'd like to just move to Germany forever and<br>

find actual hackers over there to work with. Your move.<br>

<br>

<br>

Sincerely,<br>

<br>

David Stainton<br>

_______________________________________________<br>

Noisebridge-discuss mailing list<br>

<a href="mailto:Noisebridge-discuss@lists.noisebridge.net" target="_blank">Noisebridge-discuss@lists.noisebridge.net</a><br>

<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" rel="noreferrer" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>

</blockquote></div>

<br>_______________________________________________<br>

Noisebridge-discuss mailing list<br>

<a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>

<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" rel="noreferrer" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>

<br></blockquote></div>