Monday, December 28, 2015

ICS Challenge and SANS Holiday Hack

I did what I could on the SANS ICS Challenge.  I was trying to work on two challenges at one time.  I looked forward to the SANS Holiday Hack Challenge all year.  I'm disappointed with myself though.  I wasn't able to complete either of them.  I guess that I did okay, considering that I don't have a lot of work experience or course experience with either of them.  I'll post the answers that I did get after the challenges are officially over.

I picked up a new book called "The Art of Memory Forensics".  I used it to help me solve some of the ICS Challenge.  I haven't read much of it, because I don't understand much of what it is talking about.  I keep Googling stuff that I don't understand.

I think that I need to get a book that goes into depth about different OS processes, and what is normal.  I can't recognize abnormal because I don't know what normal is.

I like forensics, but I imagine that working in forensics is quite different than this challenge.  I think that when one is working in forensics, they are probably using a lot of automated tools/scripts, and there really isn't a lot of spelunking.  They might have to verify results, but it's not the same.  That's not necessarily a bad thing, though.  It could be interesting, but in a different way.

On the Holiday Hack Challenge, I feel that I'm close on two of the super gnomes, but I just can't get what I'm trying to do to work.  My spouse states that sometimes it's about attitude.  A student might try one thing, and it doesn't work, then the instructor walks up, types the exact same thing, and suddenly it works.  You have to believe that it will work.  It doesn't make much sense to me.  Who would've thought that turning a computer off then on again would solve about 98% of computer problems though?

I learned stuff so quickly to begin with, and now I'm at that point where things are getting more difficult to learn as I progress in knowledge.  I just have to power through this and keep trying.