Hello World! I am a Special Agent (aka Federal Agent, Criminal Investigator, G-Man, The Fed, etc.) for the U.S. Department of Defense (DoD), specializing in computer crimes. So what does this mean? As a Special Agent for the DoD I work primarily to investigate and prosecute those that have committed crimes directly against the DoD or any number of the countless defense contractors. Part of our mission statement states we defend the war fighter. Years ago that meant everything from protecting troops from receiving substandard parts in the battlefield to prosecuting those who try to improperly gain financially from illegal bribes and kickbacks in order to be awarded big-dollar defense contracts. Today we are focused more than ever on protecting our military computer networks, collectively referred to as the Global Information Grid or the GIG (we wouldn't be the Fed without the superfluous acronyms).
We work closely to help protect the dozens of agencies that comprise the DoD as well as those within the Defense Industrial Base (the DIB, yep, there we go again!). As computer crimes agents we investigate electronic crimes occurring at everything from the Boeings, Lockheeds and General Dynamics of the world to the mom-and-pop shops making the smallest little bolt or IC chip used by our military. We work with our law enforcement agent counterparts at the FBI and others in order to solve these cyber crimes. In the end, regardless of whether the bad guy is hitting us from overseas or stateside, we try to arrest and prosecute those who interfere with our national security. I think you will find I can bring a unique insight, some good war stories, interesting news and detailed educational material for your audience. I would like to spend my time discussing the many Linux tools we use in our criminal electronic forensic analysis as well as intrusion investigations, to include the tools of the hacker. Covering current affairs on hacking and hacktivists such as Anonymous from a technical, legal and national security perspective would also be something I would like to talk about on occasion.
As a (hopefully) new contributor to Linux Forums I wish to start by saying hello and thank you for taking the time to read my periodic ramblings. As part of a new wave of tech-savvy agents hired in the last decade I had the privilege of introducing and pushing for Linux and open source tools to be used in our agency as part of our investigations. I have been a long-time user, supporter and cheerleader for Linux as well as a huge proponent of open source software. What I thought would be fun over time would be to share with you the many open source Linux tools we use on the job, teach you how to use some of them and introduce you to techniques and technologies involved in hacker attacks.
As many of you realize, the power of open source software and Linux provides us great strength in the two main areas of investigations we focus on. Internally we unofficially split up our investigations into either computer forensics or intrusions. In reality they overlap, but as a matter of job function, tools and training they are unique.
Computer forensics primarily deals with acquisition of data from hard drives, volatile memory, cell phones, smartphones, tablets and an infinite number of other electronic gizmos. That data then must be processed, reviewed and reported on within strict legal guidelines. The amazing part is that most, if not all, of these functions can be accomplished using free Linux utilities (occasionally some cheap hardware is required too). But really, how cool is that? I would like to spend a good deal of time in the future discussing many of the command line tools, GUI applications and live distros available to enable you to perform these functions.
Intrusion investigations are a little more convoluted and deal with investigating crimes involving unauthorized access to computer systems (Title 18, United States Code, Section 1030; yep, I'll be teaching you some law too!). This type of investigation is complex but fun. In order to investigate the criminal hacker you must think like a criminal hacker, and that means learning the tools of the intruder. Show of hands, how many of you out there think true hackers use Windows as an attack platform? OK, you way in the back, put your hand down. The reality is, for better or worse, hackers generally use something that resembles Linux and the umpteen free tools available for it. The good news is we use those tools too (and more). I again hope to spend a great deal of time discussing the various Linux-based tools and techniques used to investigate network intrusions and show you how you can pen test YOUR OWN network.
Finally I want to spend a minute to express my feelings about the strength of Linux and open source, its future and the obstacles in my field. When I started in federal law enforcement almost ten years ago I was shocked at the utter lack of computer skills and the antiquated technologies being utilized. I am happy to report that there has been a bit of a renaissance going on in regards to newer technology and increased skills, but the government is a big boat that turns slowly.
Like most of you, I have been a huge proponent of Linux and open source for years. A few years ago I began pushing for open source software to utilize in my case investigations. I figured it was free, powerful and readily available; what could be the problem? I quickly found out that, for starters, people hate change! It took a wee bit of convincing to get co-workers on board. I'm sure many of you have had similar frustrations with trying to get friends or family to switch to a free solution to an ongoing problem. Well, I am happy to say that if I could convince a government agency to switch, you can get anyone on board the Linux bandwagon. Another issue I ran into is that my data would be used in criminal proceedings. Turns out the courts are a little behind the times, slow to catch up, and leery of data from unapproved (i.e. free) software. This problem goes back to the issue of acceptance of open source as mainstream. It is up to all of us to continue to push these tools to the public. Linux and its tools have a bright future in law enforcement as long as the public continues to support it, develop it and use it. It's up to YOU (no pressure!).
Please feel free to contact me with questions, ideas, complaints, general threats or much undeserved praise! Talk to you all soon.