Practical linux forensics : a guide for digital investigators /
Nikkel, Bruce
Practical linux forensics : a guide for digital investigators / Bruce Nikkel - San Francisco, California : No Starch Press, Inc., c2022 - xxx, 368 pages ; 24 cm.
Includes index.
Digital forensics overview -- Linux overview -- Extracting evidence from storage devices and filesystems -- Directory layout and forensic analysis of Linux files -- Investigating evidence from Linux log -- Reconstructing system boot and initialization -- Examination of installed software packages -- Identifying network configuration artifacts -- Forensic analysis of time and location -- Reconstructing user desktops and login activity -- Forensic traces of attached peripheral devices -- Closing remarks -- File and directory list for digital investigators.
A thorough resource for forensic investigators, this book covers a variety of methods and techniques for locating and analyzing digital evidence found on modern Linux systems after a security incident or cyberattack. Readers will learn how Linux works from a digital forensics and investigation perspective and how to interpret evidence using tool-independent techniques relevant to any forensic analysis platform.
9781718501966
DIGITAL FORENSIC SCIENCE
HV 8079.C65 .N55 2022
Practical linux forensics : a guide for digital investigators / Bruce Nikkel - San Francisco, California : No Starch Press, Inc., c2022 - xxx, 368 pages ; 24 cm.
Includes index.
Digital forensics overview -- Linux overview -- Extracting evidence from storage devices and filesystems -- Directory layout and forensic analysis of Linux files -- Investigating evidence from Linux log -- Reconstructing system boot and initialization -- Examination of installed software packages -- Identifying network configuration artifacts -- Forensic analysis of time and location -- Reconstructing user desktops and login activity -- Forensic traces of attached peripheral devices -- Closing remarks -- File and directory list for digital investigators.
A thorough resource for forensic investigators, this book covers a variety of methods and techniques for locating and analyzing digital evidence found on modern Linux systems after a security incident or cyberattack. Readers will learn how Linux works from a digital forensics and investigation perspective and how to interpret evidence using tool-independent techniques relevant to any forensic analysis platform.
9781718501966
DIGITAL FORENSIC SCIENCE
HV 8079.C65 .N55 2022