Monday, May 9, 2011

Honeynet Challenge Winners & Volatility Linux Support

This post is a follow-up to our previous entry about the Honeynet challenge #7 (here).

We are now writing to say that the challenge results have been released (here), and that all of the winners (see the last five documents under "Attachment" at the previous link) used the Volatility Linux support documented in our previous blog post. Not only do these entries show the power of the developed Volatility functionality, but they also show how to use the Linux support in real-world case examples. Answering many of the challenge's questions, such as which process had the malicious connection open, which sockets were active, file system activity, etc., was as simple as running a plug-in.

We hope that the results of this challenge will inspire more people to give the Linux functionality a test and possibly to even contribute their own plug-ins.