Command Line Forensics For Linux

Craig Rowland from Sandfly Security discusses how to use basic Linux command line tools to do intrusion detection and digital forensics for Linux systems.

This presentation talks about how to use pre-loaded Linux tools to quickly assess a system for signs of compromise. You won't need to load any special tools. The techniques he discusses use tools already on almost all Linux hosts.

Craig discusses how to spot common attacks, what to look for to spot suspicious activity, how to locate hackers, common indicators of compromise on a Linux host, and why you should look for simple forensic indicators first before worrying about Advanced Persistent Threats.

This presentation covers cyber forensics, cyber defense, and cyber attacks.

Slides are available here: https://www.sandflysecurity.com/command-line-forensics-linux-christchurch-hackercon-2017/

This presentation was given at the Christchurch Hacker Con 2017 in Christchurch, New Zealand.
