Description |
xxx, 368 pages : illustrations ; 24 cm |
Note |
"Covers any modern Linux system"--Page 4 of cover. |
Includes index. |
Contents |
Digital forensics overview -- Linux overview -- Evidence from storage devices and filesystems -- Directory layout and forensic analysis of Linux files -- Investigating evidence from Linux logs -- Reconstructing system boot and initialization -- Examination of installed software packages -- Identifying network configuration artifacts -- Forensic analysis of time and location -- Reconstructing user desktops and login activity -- Forensic traces of attached peripheral devices. |
Summary |
"A thorough resource for forensic investigators, this book covers a variety of methods and techniques for locating and analyzing digital evidence found on modern Linux systems after a security incident or cyberattack. Readers will learn how Linux works from a digital forensics and investigation perspective and how to interpret evidence using tool-independent techniques relevant to any forensic analysis platform"-- Provided by publisher. |
Subject |
Digital forensic science.
Linux.
Computer crimes -- Investigation.
Data recovery (Computer science)
ISBN |
9781718501966 (paperback) |