
How to Remotely Dump Linux RAM


Here is a guide on how to remotely dump Linux RAM with LiMEaide, a Python application designed to remotely dump the RAM of a Linux client and create a Volatility profile for later analysis on your forensic workstation.

The process includes six steps:

  1. Make a remote connection with the specified client over SSH
  2. Transfer the necessary build files to the remote machine
  3. Build the memory-scraping Loadable Kernel Module (LKM) LiME
  4. The LKM dumps RAM
  5. Transfer the RAM dump and RAM maps back to the host
  6. Build a Volatility profile

 
