Linux Forensics

Linux Forensics - Philip Polstra

Linux Forensics


Linux Forensics is the most comprehensive and up-to-date resource for those wishing to quickly and efficiently perform forensics on Linux systems. It is also a great asset for anyone that would like to better understand Linux internals. Linux Forensics will guide you step by step through the process of investigating a computer running Linux. Everything you need to know from the moment you receive the call from someone who thinks they have been attacked until the final report is written is covered in this book. All of the tools discussed in this book are free and most are also open source. Dr. Philip Polstra shows how to leverage numerous tools such as Python, shell scripting, and MySQL to quickly, easily, and accurately analyze Linux systems. While readers will have a strong grasp of Python and shell scripting by the time they complete this book, no prior knowledge of either of these scripting languages is assumed. Linux Forensics begins by showing you how to determine if there was an incident with minimally invasive techniques. Once it appears likely that an incident has occurred, Dr. Polstra shows you how to collect data from a live system before shutting it down for the creation of filesystem images. Linux Forensics contains extensive coverage of Linux ext2, ext3, and ext4 filesystems. A large collection of Python and shell scripts for creating, mounting, and analyzing filesystem images are presented in this book. Dr. Polstra introduces readers to the exciting new field of memory analysis using the Volatility framework. Discussions of advanced attacks and malware analysis round out the book. Book Highlights 370 pages in large, easy-to-read 8.5 x 11 inch format Over 9000 lines of Python scripts with explanations Over 800 lines of shell scripts with explanations A 102 page chapter containing up-to-date information on the ext4 filesystem Two scenarios described in detail with images available from the book website All scripts and other support files are available from the book website Chapter Contents First Steps General PrinciplesPhases of InvestigationHigh-level ProcessBuilding a Toolkit Determining If There Was an IncidentOpening a CaseTalking to UsersDocumenationMounting Known-good BinariesMinimizing Disturbance to the SubjectAutomation With Scripting Live AnalysisGetting MetadataUsing SpreadsheetsGetting Command HistoriesGetting LogsUsing HashesDumping RAM Creating ImagesShutting Down the SystemImage FormatsDDDCFLDDWrite BlockingImaging Virtu
Citeste mai mult

-10%

transport gratuit

PRP: 379.75 Lei

!

Acesta este Pretul Recomandat de Producator. Pretul de vanzare al produsului este afisat mai jos.

341.77Lei

341.77Lei

379.75 Lei

Primesti 341 puncte

Important icon msg

Primesti puncte de fidelitate dupa fiecare comanda! 100 puncte de fidelitate reprezinta 1 leu. Foloseste-le la viitoarele achizitii!

Livrare in 2-4 saptamani

Descrierea produsului


Linux Forensics is the most comprehensive and up-to-date resource for those wishing to quickly and efficiently perform forensics on Linux systems. It is also a great asset for anyone that would like to better understand Linux internals. Linux Forensics will guide you step by step through the process of investigating a computer running Linux. Everything you need to know from the moment you receive the call from someone who thinks they have been attacked until the final report is written is covered in this book. All of the tools discussed in this book are free and most are also open source. Dr. Philip Polstra shows how to leverage numerous tools such as Python, shell scripting, and MySQL to quickly, easily, and accurately analyze Linux systems. While readers will have a strong grasp of Python and shell scripting by the time they complete this book, no prior knowledge of either of these scripting languages is assumed. Linux Forensics begins by showing you how to determine if there was an incident with minimally invasive techniques. Once it appears likely that an incident has occurred, Dr. Polstra shows you how to collect data from a live system before shutting it down for the creation of filesystem images. Linux Forensics contains extensive coverage of Linux ext2, ext3, and ext4 filesystems. A large collection of Python and shell scripts for creating, mounting, and analyzing filesystem images are presented in this book. Dr. Polstra introduces readers to the exciting new field of memory analysis using the Volatility framework. Discussions of advanced attacks and malware analysis round out the book. Book Highlights 370 pages in large, easy-to-read 8.5 x 11 inch format Over 9000 lines of Python scripts with explanations Over 800 lines of shell scripts with explanations A 102 page chapter containing up-to-date information on the ext4 filesystem Two scenarios described in detail with images available from the book website All scripts and other support files are available from the book website Chapter Contents First Steps General PrinciplesPhases of InvestigationHigh-level ProcessBuilding a Toolkit Determining If There Was an IncidentOpening a CaseTalking to UsersDocumenationMounting Known-good BinariesMinimizing Disturbance to the SubjectAutomation With Scripting Live AnalysisGetting MetadataUsing SpreadsheetsGetting Command HistoriesGetting LogsUsing HashesDumping RAM Creating ImagesShutting Down the SystemImage FormatsDDDCFLDDWrite BlockingImaging Virtu
Citeste mai mult

De pe acelasi raft

De acelasi autor

Parerea ta e inspiratie pentru comunitatea Libris!

Acum se comanda

Noi suntem despre carti, si la fel este si

Newsletter-ul nostru.

Aboneaza-te la vestile literare si primesti un cupon de -10% pentru viitoarea ta comanda!

*Reducerea aplicata prin cupon nu se cumuleaza, ci se aplica reducerea cea mai mare.

Ma abonez image one
Ma abonez image one