tag:blogger.com,1999:blog-9518042.post111046005356088011..comments2024-03-19T07:46:20.437-05:00Comments on Windows Incident Response: Blogging...Unknownnoreply@blogger.comBlogger6125tag:blogger.com,1999:blog-9518042.post-1110937163775159232005-03-15T20:39:00.000-05:002005-03-15T20:39:00.000-05:00Brandon,Do you use the FSP? If so, would you care...Brandon,<BR/><BR/>Do you use the FSP? <BR/><BR/>If so, would you care to post your fruc.ini file? ;-)H. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.comtag:blogger.com,1999:blog-9518042.post-1110900775588928362005-03-15T10:32:00.000-05:002005-03-15T10:32:00.000-05:00Woops, I looked over at the Windows Forensics and ...Woops, I looked over at the Windows Forensics and Incident Response book on my book rack, and acro'd it instead of the FSP.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-9518042.post-1110817569561776362005-03-14T11:26:00.000-05:002005-03-14T11:26:00.000-05:00Great feedback, everyone! Brandon, what are you re...Great feedback, everyone! <BR/><BR/>Brandon, what are you referring to when you say "WFIR"? <BR/><BR/>Thanks,<BR/><BR/>HarlanH. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.comtag:blogger.com,1999:blog-9518042.post-1110642788179579122005-03-12T10:53:00.000-05:002005-03-12T10:53:00.000-05:00I am in agreement with both Jesse and Chris. I re...I am in agreement with both Jesse and Chris. I really like the SOTM's because I can sit down over a weekend, think it out, and come up with a solution or wait out the results. Either way, I am doing the work for myself and taxing my own KB. But when I can't get one, I enjoy reading the solutions.<BR/><BR/>If Hensing used tools that I could relate to, I think I would get more out of his blog. Not to say that I haven't taken anything away from them, but it's not like I can go grab Wolf in the same fashion I can the WFIR.<BR/><BR/>Keep up the good work with whatever you decide.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-9518042.post-1110502746742093522005-03-10T19:59:00.000-05:002005-03-10T19:59:00.000-05:00I also would say a little of both. I like the SoTM...I also would say a little of both. I like the SoTM but it does take many hours to complete. Something a little more bitsized would be nice. Perhaps taking a SoTM size project and break it down into four chunks finishing one each week, so people who get stuck would get a clue to get unstuck and can continue learning.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-9518042.post-1110488539531736582005-03-10T16:02:00.000-05:002005-03-10T16:02:00.000-05:00Well, Both! As much as I love doing the Scan of th...Well, Both! As much as I love doing the Scan of the Month challenge, it takes time and is not something I can do every morning. I can, however, scan through the Internet Storm Center or the other tutorial style blogs on the web and get a feel of what others are doing. It's not as good as doing it myself, but it's better than nothing!Anonymousnoreply@blogger.com