IMO, if we stick to the document and they are organized in military style, then a person who collect information, should focus only on that particular phase. That person is an operator, he or she should not be keep busy remembering long CLI commands. The scope is to deliver ASAP.
No matter how much I like CLI and to put my fingers into text mode, I have to admit that point and click in windows is an easier and faster method to achieve the task I did mention. As Warren mention, if you have 20 "brains" it's easy to put those people port a tool from *nix to other platform and have the other 500 operators run it in windows. It's just a matter of good sense and "business" effectiveness :) Maybe I misinterpret information, but this is how I see things. Cheers, Calin ---- On Wed, 20 Feb 2013 09:24:10 +0100 Warren Bailey<wbai...@satelliteintelligencegroup.com> wrote ---- > They are when you have a college full of programmers. > > > From my Android phone on T-Mobile. The first nationwide 4G network. > > > > -------- Original message -------- > From: Scott Weeks <sur...@mauigateway.com> > Date: 02/20/2013 12:23 AM (GMT-08:00) > To: nanog@nanog.org > Subject: Re: NYT covers China cyberthreat > > > > --- calin.chior...@secdisk.net wrote: > From: "calin.chiorean" <calin.chior...@secdisk.net> > > <snipped> > :: when all tools are available for windows os, you just have to compile > them. > <sniped out the rest> > ------------------------------------------------- > > > They're not all available for m$. > > scott > > > > > > > ---- On Wed, 20 Feb 2013 09:02:35 +0100 Scott Weeks wrote ---- > >Be sure to read the source: > > > >intelreport.mandiant.com/Mandiant_APT1_Report.pdf > > > >I'm only part way through, but I find it hard to believe that > >only micro$loth computers are used as the attack OS. Maybe I > >haven't gotten far enough through report to find the part > >where they use the *nix boxes? > > > >
