Index of Presentations and Articles by Hal Pomeranz

Presentations

"The Return of Command-Line Kung Fu", more command-line madness with lots of Computer Forensic goodness (from the OS Bridge 2010 Conference, June 2010)
"Anatomy of a Financial Crime", covering Zeus botnets and ACH fraud (April 2010)
"The Return of Command-Line Kung Fu", more command-line madness with lots of Computer Forensic goodness (from the SANS 2010 Conference, March 2010)
"iPhones and Linux", some notes on my experiences making iPhones interoperate with a Linux-based infrastructure (last update Jan 2009)
"Intro to Linux Digital Forensics", which is a pretty detailed introduction to groveling through Unix file systems and recovering "interesting" data (last update Jan 2009).
"Unix Command-Line Kung Fu", a short tutorial I gave at the Open Source Bridge conference in Portland (last update Jun 2009).
An earlier version of "Unix Command-Line Kung Fu", which I gave at several SANS Conferences and local user group meetings (last update Sep 2008).
"Demystifying Sendmail", my new two-day Sendmail course (last update Sep 2006).
"Detecting Break-ins"-- some simple tricks and freely available utilities for discovering when your Unix systems have been compromised. Given to the Mid Willamette Valley Linux User Group, September 2004.
"Unix Hacking 101"-- a brief into to breaking into Unix systems and what attackers do once they get in. Given to the Eugene Unix and GNU/Linux User Group, August 2004.
"The Current Anti-Spam Landscape", given to the Portland Linux User Group, July 2004.
"DNS and BIND", given to the Eugene Unix and GNU/Linux User Group, March, 2004.
A talk on the IT aspects of my move to Eugene, given to the Mid Willamette Valley Linux User Group in January, 2004.
"Solaris Security", webcast by the SANS Institute way back in July, 2002.
An old version of a full-day tutorial on DNS and Sendmail, last update April, 2002.
"NTP, the Network Time Protocol", last update February 2001.
"Solaris Jumpstart", last update January, 2001.

Articles and Other Writing

"Dealing with <BUTTON>", explains a work-around required because Microsoft Internet Explorer (MSIE) doesn't implement the <BUTTON> tag properly.
"Solaris Security: Step-by-Step", the definitive guide originally published by The SANS Insitute.
"Solaris BSM Auditing" (aka kernel-level auditing), originally published in Sys Admin Magazine.
Instructions on how to build statically-linked executables under Solaris.
"Improving Sendmail Security by Turning it Off", originally published in Sys Admin Magazine. Also a follow-up article, "Just Can't Get Enough Sendmail".
"Running Sendmail as an Unprivileged User", originally published in Sys Admin Magazine.
"The Sendmail greet_pause Feature", originally published in Sys Admin Magazine.
"Strong Password Enforcement with pam_cracklib", originally published in Sys Admin Magazine.
"Remote Logging with SSH and Syslog-NG", originally published in Sys Admin Magazine.
"File Integrity Assessment via SSH", originally published in Sys Admin Magazine. You can find some related configuration files and tools here.
"A Simple DNS-Based Approach for Blocking Web Advertising", originally published in Sys Admin Magazine. Also, here's a brief update to the original article based on reader feedback.
"Name Server Security with BIND and chroot()", originally published in 8wire (now defunct). Note that while this article covers chroot()-ing BIND under Solaris, the EUGLUG talk listed above has the details for Linux systems.
"Great Moments In Customer Service", a humorous editorial originally published in 8wire.

Tools

h2n, a tool for converting a static hosts file into DNS zone files. Originally written by Cricket Liu for the O'Reilly DNS and BIND book.
PLOD, my tool for keeping an on-line journal of what you're working on.
A couple of different Solaris Jumpstart related tools, including an automated hardening tool that performs many of the steps in the "Solaris Security: Step-by-Step" guide mentioned above.

Return to: Deer Run Home > Hal's Homepage >