Hello all I am posting the following proposal to this community for comment and hoping to count on eventual sponsorship.
I already discussed this idea with the security community and the outcome is that such project will be an interesting thing to have. Please find more info on the discussion and background on the following blog post: http://blogs.sun.com/efi/category/Forensics+and+Incident+Response [Resent - Original Mail bounced back. Sorry for duplicates!] I personally think that sponsorship and involvement from the observability community will be crucial for the forensic Tools project and will have have a lot in common with this community: - Tools produced by this community will be widely used during live and postmortem investigation. Example: www.terena.org/activities/tf-csirt/meeting22/Solaris_Kernel_Dissection_for_Fun_Forensics0.2CSIRT.pdf - During the course of work new additions and functionality of teh observability tools might come forward which will definitely be useful for the community and Open Solaris as whole. I will be looking forward for comments on that idea and eventual volunteers to join the project team if such idea is deemed relevant. Cheers Evtim (Efi) Batchev
