So, this week it is my privilege to be TA-ing for Taz Wake for the beta run of his new class FOR577: Linux Incident Response and Threat Hunting. We were looking in the linux /proc filesystem and were noticing in the /proc/<pid>/net/{tcp/udp/icmp/…} that the IP addresses were listed in hex, but little-endian.
Article Link: https://isc.sans.edu/diary/rss/30284