Command Line Forensics For Linux


Craig Rowland from Sandfly Security discusses how to use basic Linux command line tools to do intrusion detection and digital forensics for Linux systems.

This presentation talks about how to use pre-loaded Linux tools to quickly assess a system for signs of compromise. You won’t need to load any special tools. The techniques he discusses use tools already on almost all Linux hosts.

Craig discusses how to spot common attacks, what to look for to spot suspicious activity, how to locate hackers, common indicators of compromise on a Linux host, and why you should look for simple forensic indicators first before worrying about Advanced Persistent Threats.

This presentation covers cyber forensics, cyber defense, and cyber attacks.

Slides are available here: https://www.sandflysecurity.com/command-line-forensics-linux-christchurch-hackercon-2017/

This presentation was given at the Christchurch Hacker Con 2017 in Christchurch, New Zealand.
