Division Zero (Div0). Copyright © 2011-2018

All rights reserved.

Linux Forensics (for Non-Linux Folks)

10 Jul 2012

On 10th July 2011, SANS faculty fellow and creator of the SANS GIAC Linux / Unix security track, Hal Pomeranz, gave a brief presentation on "Linux Forensics (for Non-Linux Folks)" at SANS Singapore Community Night.


Most forensics cases revolve around the Windows operating system (OS), the most common endpoint machine and the one where cyber crime usually takes place. Still, the skills to investigate a Linux / Unix machine are vital, as these systems are usually the ones running critical systems and infrastructure.


Hal highlighted various artefacts forensics officers should look into when conducting an investigation. You can find his presentation slides here; they pretty much sum up the presentation, but he showed more during the demonstration (e.g. how the DHCP lease files under /var/lib/dhcp reveal which networks the machine has been attached to, and hence where it has been).
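As an added illustration of the /var/lib/dhcp artefact mentioned above (this is example code written for this summary, not from Hal's slides or the Div0 post), the script below parses an ISC dhclient leases file and builds a timeline of the networks a host has joined. dhclient appends one `lease { ... }` block each time it obtains a lease, so the file is effectively a history of addresses, gateways, DHCP servers and domain names the machine has seen. The sample leases text is constructed for the example; the file path used when the script is run with no argument (`/var/lib/dhcp/dhclient.leases`) is the usual Debian/Ubuntu location and is an assumption about the system being examined.

```python
import re
import sys
from datetime import datetime, timezone

# Constructed sample of a dhclient.leases file (not taken from any real host).
# Each "lease { ... }" block is appended by dhclient when it gets a new lease.
SAMPLE_LEASES = """\
lease {
  interface "eth0";
  fixed-address 192.168.1.50;
  option subnet-mask 255.255.255.0;
  option routers 192.168.1.1;
  option dhcp-server-identifier 192.168.1.1;
  option domain-name "home.lan";
  renew 2 2012/07/10 08:15:22;
  rebind 2 2012/07/10 18:30:00;
  expire 2 2012/07/10 21:30:00;
}
lease {
  interface "wlan0";
  fixed-address 10.20.30.7;
  option routers 10.20.30.1;
  option dhcp-server-identifier 10.20.30.1;
  option domain-name "corp.example";
  renew 3 2012/07/11 09:00:00;
  rebind 3 2012/07/11 13:00:00;
  expire 3 2012/07/11 15:00:00;
}
"""

LEASE_BLOCK = re.compile(r"lease\s*\{(.*?)\}", re.S)
TIME_KEYS = ("renew", "rebind", "expire")


def parse_timestamp(value):
    """dhclient writes times as '<weekday> YYYY/MM/DD HH:MM:SS' in UTC; drop the weekday."""
    _, _, stamp = value.partition(" ")
    return datetime.strptime(stamp, "%Y/%m/%d %H:%M:%S").replace(tzinfo=timezone.utc)


def parse_leases(text):
    """Return one dict per lease block, in file order (oldest lease first)."""
    leases = []
    for block in LEASE_BLOCK.finditer(text):
        lease = {}
        for raw in block.group(1).splitlines():
            line = raw.strip().rstrip(";")
            if not line:
                continue
            if line.startswith("option "):
                line = line[len("option "):]
            key, _, value = line.partition(" ")
            value = value.strip().strip('"')
            if key in TIME_KEYS:
                value = parse_timestamp(value)
            lease[key] = value
        leases.append(lease)
    return leases


def network_timeline(leases):
    """Summarise where the host has been, one row per lease, ordered by renew time.

    The file does not record when a lease was obtained; renew/rebind/expire are
    future deadlines, so the renew time is the earliest anchor available.
    """
    rows = [
        {
            "interface": lease.get("interface"),
            "address": lease.get("fixed-address"),
            "gateway": lease.get("routers"),
            "dhcp_server": lease.get("dhcp-server-identifier"),
            "domain": lease.get("domain-name"),
            "renew_at": lease.get("renew"),
            "expire_at": lease.get("expire"),
        }
        for lease in leases
    ]
    rows.sort(key=lambda r: r["renew_at"] or datetime.min.replace(tzinfo=timezone.utc))
    return rows


def main(argv):
    # Assumed default path (Debian/Ubuntu); RHEL-style systems use /var/lib/dhclient/.
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_LEASES
    for row in network_timeline(parse_leases(text)):
        print("{renew_at}  {interface:6} {address:16} gw={gateway} dhcp={dhcp_server} domain={domain}".format(**row))


if __name__ == "__main__":
    main(sys.argv)
```

Run it against an image-mounted copy of the leases file (`python3 leases_timeline.py /mnt/evidence/var/lib/dhcp/dhclient.leases`) rather than the live path, and correlate the DHCP server and domain-name values with other sources such as syslog or wpa_supplicant logs before drawing conclusions about location.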
