Linux Malware Incident Response · A Practitioner’s Guide to Forensic Collection and Examination of Volatile Data by Malin, Cameron -- Read -- Imperial Library of Trantor

Log In

Or create an account ->

Imperial Library

Home
About
News
Upload
Forum

Help

Login/SignUp

Index

Cover image Title page Table of Contents Dedication Copyright Introduction

How to Use This book Investigative Approach Forensic Analysis in Malware Investigations Applying Forensics to Malware From Malware Analysis to Malware Forensics

Chapter 1. Linux Malware Incident Response

Introduction Volatile Data Collection Methodology Nonvolatile Data Collection from a Live Linux System Conclusion

Appendix 1

Incident Response Tool Suites Remote Collection Tools Volatile Data Collection and Analysis Tools Collecting Subject System Details Identifying Users Logged into the System Network Connections and Activity Process Analysis Loaded Modules Opened Files Command History

Appendix 2

Live Response: Field Notes

Appendix 3

Live Response: Field Interview Questions

Appendix 4

Pitfalls to Avoid

Selected Readings

← Prev
Back
Next →

← Prev
Back
Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion