Chris Pogue, Member of IBM Ethical Hacking Team
发表于2024-11-22
UNIX and Linux Forensic Analysis DVD Toolkit 2024 pdf epub mobi 电子书
介绍了一些linux上的取证的基本流程,比较适合入门 比较模糊的就是关于司法认定这块,什么人取证时可信的?如果企业内部自己取证是否能够作为证据提交到法庭? 如果有这些信息就更好了
评分介绍了一些linux上的取证的基本流程,比较适合入门 比较模糊的就是关于司法认定这块,什么人取证时可信的?如果企业内部自己取证是否能够作为证据提交到法庭? 如果有这些信息就更好了
评分介绍了一些linux上的取证的基本流程,比较适合入门 比较模糊的就是关于司法认定这块,什么人取证时可信的?如果企业内部自己取证是否能够作为证据提交到法庭? 如果有这些信息就更好了
评分介绍了一些linux上的取证的基本流程,比较适合入门 比较模糊的就是关于司法认定这块,什么人取证时可信的?如果企业内部自己取证是否能够作为证据提交到法庭? 如果有这些信息就更好了
评分介绍了一些linux上的取证的基本流程,比较适合入门 比较模糊的就是关于司法认定这块,什么人取证时可信的?如果企业内部自己取证是否能够作为证据提交到法庭? 如果有这些信息就更好了
图书标签: Unix Linux 计算机 编程 程序设计 操作系统 技术 应用安全
This book addresses topics in the area of forensic analysis of systems running on variants of the UNIX operating system, which is the choice of hackers for their attack platforms. According to a 2007 IDC report, UNIX servers account for the second-largest segment of spending (behind Windows) in the worldwide server market with $4.2 billion in 2Q07, representing 31.7% of corporate server spending. UNIX systems have not been analyzed to any significant depth largely due to a lack of understanding on the part of the investigator, an understanding and knowledge base that has been achieved by the attacker. The companion DVD provides a simulated or "live" UNIX environment where readers can test the skills they've learned in the book and use custom tools developed by the authors.
The book begins with a chapter to describe why and how the book was written, and for whom, and then immediately begins addressing the issues of live response (volatile) data collection and analysis. The book continues by addressing issues of collecting and analyzing the contents of physical memory (i.e., RAM). The following chapters address /proc analysis, revealing the wealth of significant evidence, and analysis of files created by or on UNIX systems. Then the book addresses the underground world of UNIX hacking and reveals methods and techniques used by hackers, malware coders, and anti-forensic developers. The book then illustrates to the investigator how to analyze these files and extract the information they need to perform a comprehensive forensic analysis. The final chapter includes a detailed discussion of Loadable Kernel Modules and Malware. The companion DVD provides a simulated or "live" UNIX environment where readers can test the skills they've learned in the book and use custom tools developed by the authors.
Throughout the book the author provides a wealth of unique information, providing tools, techniques and information that won't be found anywhere else. Not only are the tools provided, but the author also provides sample files so that after completing a detailed walk-through, the reader can immediately practice the new-found skills.
* The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else.
* This book contains information about UNIX forensic analysis that is not available anywhere else. Much of the information is a result of the author's own unique research and work.
* The authors have the combined experience of Law Enforcement, Military, and Corporate forensics. This unique perspective makes this book attractive to ALL forensic investigators.
UNIX and Linux Forensic Analysis DVD Toolkit 2024 pdf epub mobi 电子书