ITB DF/IR Tip Contest

To help raise awareness about  Into The Boxes (ITB), digital forensics, and incident response, ITB will be holding a competition via Twitter.  This contest will also help  show the community how easy it is to collaborate and contribute to the ITB effort.  The basis of this competition are Digital Forensic and Incident Response (DF/IR) tips that can be placed in the space allowed by the Twitter “What are you doing?” textbox.  To help ITB Staff identify entries each tip entry will need to start with “#ITBTIP: “.   This leaves each contestant 131 characters to work with when creating a DF/IR tip.  Links are allowed but they will only be taken in context of the DF/IR tip and not followed.  Here is an example:

#ITBTIP: Wipe drive with known pattern – # sudo dcfldd textpattern=IntoTheBoxes of=/dev/<drive>

Size doesn’t matter as long as the tip is less than or equal to 140 characters including the header.  Tips do not have to be technical.  DF/IR managerial statements are sometimes just as important as the data acquisition and analysis and are good for elevator/water cooler comments and are the basis for more in-depth recommendations that can be used in Lessons Learned and Final Reports stemming from an incident response effort.  Here is another example.

#ITBTIP: Centralized logging provides us valuable IT security information while reducing the cost required to review and alert on incidents.

All entries will be judged by the ITB staff.  The results will be posted here and the top five will be included in the January 2010 release of  ITB.   Tips will also be reused, periodically, by ITB to promote DF/IR awareness.  If you do not have a Twitter account but would still like to participate in the contest just drop us your tip, which must still follow the contest guidelines, using the ITB Call Box.

This contest will end on November 22nd, 2009.  So you have a little time to think about what you want to do.  To be fair only five submissions per person are permitted and only one of those will be allowed into the top five category.  The first prize winner of this contest will receive a hard copy version of the ITB inaugural edition signed by the ITB Staff.  Not much, but it is all we have right now.  There will only be three hard copies made of this first edition, so this will be a limited edition.

While you are at it, you can follow ITB events by following us on Twitter or subscribing to our feed.

So, here is a list of those rules again.  These may change a little if somebody points out something glaringly obvious, so check back and watch our Tweets.

  • All tips can only be 140 characters and must use the header “#ITBTIP: ” (so you only get 131 characters).
  • Links are allowed but they will only be taken in context of the DF/IR tip and not followed.
  • Contest ends at 00:00:00 CST on November 22nd, 2009 the winner will be announced on November 29th, 2009.
  • Five entries per person and only one can be in the top five.
  • All entries will be judged by ITB Staff.
  • Tips can be submitted via Twitter or the ITB Call Box.
  • All participants agree that their tips can be reused on the Into The Boxes website and in future Into The Boxes publications.  All copyrights, outside of these limited publishing rights for Into The Boxes, will remain with the author of the ITB Tip.

Go forth and do good things,

Don C. Weber


One Response to “ITB DF/IR Tip Contest”

  1. […] Into The Boxes Digital Forensics and Incident Response Magazine « ITB DF/IR Tip Contest […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: