Thursday, 7 January 2016

Linux Forensics by Philip Polstra

Linux Forensics is the most comprehensive and up-to-date resource for those wishing to quickly and efficiently perform forensics on Linux systems. It is also a great asset for anyone that would like to better understand Linux internals.

Linux Forensics will guide you step by step through the process of investigating a computer running Linux. Everything you need to know from the moment you receive the call from someone who thinks they have been attacked until the final report is written is covered in this book. All of the tools discussed in this book are free and most are also open source.

Dr. Philip Polstra shows how to leverage numerous tools such as Python, shell scripting, and MySQL to quickly, easily, and accurately analyze Linux systems. While readers will have a strong grasp of Python and shell scripting by the time they complete this book, no prior knowledge of either of these scripting languages is assumed. Linux Forensics begins by showing you how to determine if there was an incident with minimally invasive techniques. Once it appears likely that an incident has occurred, Dr. Polstra shows you how to collect data from a live system before shutting it down for the creation of filesystem images.

Linux Forensics contains extensive coverage of Linux ext2, ext3, and ext4 filesystems. A large collection of Python and shell scripts for creating, mounting, and analyzing filesystem images are presented in this book. Dr. Polstra introduces readers to the exciting new field of memory analysis using the Volatility framework. Discussions of advanced attacks and malware analysis round out the book.

Book Highlights

  • 370 pages in large, easy-to-read 8.5 x 11 inch format
  • Over 9000 lines of Python scripts with explanations
  • Over 800 lines of shell scripts with explanations
  • A 102-page chapter containing up-to-date information on the ext4 filesystem
  • Two scenarios described in detail with images available from the book website
  • All scripts and other support files are available from the book website

Chapter Contents

  1. First Steps
    • General Principles
    • Phases of Investigation
    • High-level Process
    • Building a Toolkit
  2. Determining If There Was an Incident
    • Opening a Case
    • Talking to Users
    • Documentation
    • Mounting Known-good Binaries
    • Minimizing Disturbance to the Subject
    • Automation With Scripting
  3. Live Analysis
    • Getting Metadata
    • Using Spreadsheets
    • Getting Command Histories
    • Getting Logs
    • Using Hashes
    • Dumping RAM
  4. Creating Images
    • Shutting Down the System
    • Image Formats
    • DD
    • DCFLDD
    • Write Blocking
    • Imaging Virtual Machines
    • Imaging Physical Drives
  5. Mounting Images
    • Master Boot Record Based Partitions
    • GUID Partition Tables
    • Mounting Partitions In Linux
    • Automating With Python
  6. Analyzing Mounted Images
    • Getting Timestamps
    • Using LibreOffice
    • Using MySQL
    • Creating Timelines
  7. Extended Filesystems
    • Basics
    • Superblocks
    • Features
    • Using Python
    • Finding Things That Are Out Of Place
    • Inodes
    • Journaling
  8. Memory Analysis
    • Volatility
    • Creating Profiles
    • Linux Commands
  9. Dealing With More Advanced Attackers
  10. Malware
    • Is It Malware?
    • Malware Analysis Tools
    • Static Analysis
    • Dynamic Analysis
    • Obfuscation
  11. The Road Ahead
    • Learning More
    • Communities
    • Conferences
    • Certifications


From reader reviews:

Ted Bryant:

Do you one of the book lovers? If yes, do you ever feeling doubt when you are in the book store? Make an effort to pick one book that you never know the inside because don't assess book by its include may doesn't work at this point is difficult job because you are afraid that the inside maybe not while fantastic as in the outside search likes. Maybe you answer may be Linux Forensics why because the amazing cover that make you consider with regards to the content will not disappoint you actually. The inside or content is usually fantastic as the outside or even cover. Your reading sixth sense will directly guide you to pick up this book.


Deborah Mazzarella:

You will get this Linux Forensics by browse the bookstore or Mall. Just simply viewing or reviewing it can to be your solve difficulty if you get difficulties for your knowledge. Kinds of this e-book are various. Not only by written or printed but also can you enjoy this book simply by e-book. In the modern era such as now, you just looking because of your mobile phone and searching what their problem. Right now, choose your current ways to get more information about your book. It is most important to arrange you to ultimately make your knowledge are still revise. Let's try to choose correct ways for you.


Albert Hartley:

That publication can make you to feel relax. This book Linux Forensics was colorful and of course has pictures around. As we know that book Linux Forensics has many kinds or style. Start from kids until youngsters. For example Naruto or Private eye Conan you can read and believe you are the character on there. So , not at all of book are make you bored, any it can make you feel happy, fun and relax. Try to choose the best book to suit your needs and try to like reading this.



