UNIX and Linux Forensic Analysis DVD Toolkit

UNIX and Linux Forensic Analysis DVD Toolkit

Author: Chris Pogue

Publisher: Syngress

Published: 2008-07-24

Total Pages: 248

ISBN-13: 0080879128

DOWNLOAD EBOOK

This book addresses topics in the area of forensic analysis of systems running on variants of the UNIX operating system, which is the choice of hackers for their attack platforms. According to a 2007 IDC report, UNIX servers account for the second-largest segment of spending (behind Windows) in the worldwide server market with $4.2 billion in 2Q07, representing 31.7% of corporate server spending. UNIX systems have not been analyzed to any significant depth largely due to a lack of understanding on the part of the investigator, an understanding and knowledge base that has been achieved by the attacker. The book begins with a chapter to describe why and how the book was written, and for whom, and then immediately begins addressing the issues of live response (volatile) data collection and analysis. The book continues by addressing issues of collecting and analyzing the contents of physical memory (i.e., RAM). The following chapters address /proc analysis, revealing the wealth of significant evidence, and analysis of files created by or on UNIX systems. Then the book addresses the underground world of UNIX hacking and reveals methods and techniques used by hackers, malware coders, and anti-forensic developers. The book then illustrates to the investigator how to analyze these files and extract the information they need to perform a comprehensive forensic analysis. The final chapter includes a detailed discussion of loadable kernel Modules and malware. Throughout the book the author provides a wealth of unique information, providing tools, techniques and information that won't be found anywhere else. - This book contains information about UNIX forensic analysis that is not available anywhere else. Much of the information is a result of the author's own unique research and work. - The authors have the combined experience of law enforcement, military, and corporate forensics. This unique perspective makes this book attractive to all forensic investigators.


Windows Forensic Analysis DVD Toolkit

Windows Forensic Analysis DVD Toolkit

Author: Harlan Carvey

Publisher: Syngress

Published: 2009-06-01

Total Pages: 508

ISBN-13: 008095703X

DOWNLOAD EBOOK

Windows Forensic Analysis DVD Toolkit, Second Edition, is a completely updated and expanded version of Harlan Carvey's best-selling forensics book on incident response and investigating cybercrime on Windows systems. With this book, you will learn how to analyze data during live and post-mortem investigations.New to this edition is Forensic Analysis on a Budget, which collects freely available tools that are essential for small labs, state (or below) law enforcement, and educational organizations. The book also includes new pedagogical elements, Lessons from the Field, Case Studies, and War Stories that present real-life experiences by an expert in the trenches, making the material real and showing the why behind the how. The companion DVD contains significant, and unique, materials (movies, spreadsheet, code, etc.) not available anyplace else because they were created by the author.This book will appeal to digital forensic investigators, IT security professionals, engineers, and system administrators as well as students and consultants. - Best-Selling Windows Digital Forensic book completely updated in this 2nd Edition - Learn how to Analyze Data During Live and Post-Mortem Investigations - DVD Includes Custom Tools, Updated Code, Movies, and Spreadsheets


Security Strategies in Linux Platforms and Applications

Security Strategies in Linux Platforms and Applications

Author: Michael H. Jang

Publisher: Jones & Bartlett Publishers

Published: 2017

Total Pages: 538

ISBN-13: 1284090655

DOWNLOAD EBOOK

"The Second Edition of Security Strategies in Linux Platforms and Applications opens with a discussion of risks, threats, and vulnerabilities. Part 2 discusses how to take advantage of the layers of security and the modules associated with AppArmor and SELinux. Part 3 looks at the use of open source and proprietary tools when building a layered sec


Security Strategies in Linux Platforms and Applications

Security Strategies in Linux Platforms and Applications

Author: Michael Jang

Publisher: Jones & Bartlett Learning

Published: 2015-10-06

Total Pages: 538

ISBN-13: 1284110273

DOWNLOAD EBOOK

The Second Edition of Security Strategies in Linux Platforms and Applications covers every major aspect of security on a Linux system. Written by an industry expert, this book is divided into three natural parts to illustrate key concepts in the field. It opens with a discussion of the risks, threats, and vulnerabilities associated with Linux as an operating system using current examples and cases. Part 2 discusses how to take advantage of the layers of security available to Linux--user and group options, filesystems, and security options for important services, as well as the security modules associated with AppArmor and SELinux. The book closes with a look at the use of both open source and proprietary tools when building a layered security strategy for Linux operating system environments. Using real-world examples and exercises, this useful resource incorporates hands-on activities to walk readers through the fundamentals of security strategies related to the Linux system.


Security Strategies in Linux Platforms and Applications

Security Strategies in Linux Platforms and Applications

Author: Ric Messier

Publisher: Jones & Bartlett Learning

Published: 2022-10-26

Total Pages: 562

ISBN-13: 1284289230

DOWNLOAD EBOOK

The third edition of Security Strategies in Linux Platforms and Applications covers every major aspect of security on a Linux system. Using real-world examples and exercises, this useful resource incorporates hands-on activities to walk readers through the fundamentals of security strategies related to the Linux system. Written by an industry expert, this book is divided into three natural parts to illustrate key concepts in the field. It opens with a discussion of the risks, threats, and vulnerabilities associated with Linux as an operating system using current examples and cases. Part 2 discusses how to take advantage of the layers of security available to Linux--user and group options, filesystems, and security options for important services. The book closes with a look at the use of both open source and proprietary tools when building a layered security strategy for Linux operating system environments.


Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit

Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit

Author: Jesse Varsalone

Publisher: Syngress

Published: 2008-12-16

Total Pages: 572

ISBN-13: 0080949185

DOWNLOAD EBOOK

This book provides digital forensic investigators, security professionals, and law enforcement with all of the information, tools, and utilities required to conduct forensic investigations of computers running any variant of the Macintosh OS X operating system, as well as the almost ubiquitous iPod and iPhone. Digital forensic investigators and security professionals subsequently can use data gathered from these devices to aid in the prosecution of criminal cases, litigate civil cases, audit adherence to federal regulatory compliance issues, and identify breech of corporate and government usage policies on networks. MAC Disks, Partitioning, and HFS+ File System Manage multiple partitions on a disk, and understand how the operating system stores data. FileVault and Time Machine Decrypt locked FileVault files and restore files backed up with Leopard's Time Machine. Recovering Browser History Uncover traces of Web-surfing activity in Safari with Web cache and .plist files Recovering Email Artifacts, iChat, and Other Chat Logs Expose communications data in iChat, Address Book, Apple's Mail, MobileMe, and Web-based email. Locating and Recovering Photos Use iPhoto, Spotlight, and shadow files to find artifacts pof photos (e.g., thumbnails) when the originals no longer exist. Finding and Recovering QuickTime Movies and Other Video Understand video file formats--created with iSight, iMovie, or another application--and how to find them. PDF, Word, and Other Document Recovery Recover text documents and metadata with Microsoft Office, OpenOffice, Entourage, Adobe PDF, or other formats. Forensic Acquisition and Analysis of an iPod Documentseizure of an iPod model and analyze the iPod image file and artifacts on a Mac. Forensic Acquisition and Analysis of an iPhone Acquire a physical image of an iPhone or iPod Touch and safely analyze without jailbreaking. - Includes Unique Information about Mac OS X, iPod, iMac, and iPhone Forensic Analysis Unavailable Anywhere Else - Authors Are Pioneering Researchers in the Field of Macintosh Forensics, with Combined Experience in Law Enforcement, Military, and Corporate Forensics


Computer Forensics JumpStart

Computer Forensics JumpStart

Author: Micah Solomon

Publisher: John Wiley & Sons

Published: 2015-03-24

Total Pages: 325

ISBN-13: 1119124646

DOWNLOAD EBOOK

Launch Your Career in Computer Forensics—Quickly and Effectively Written by a team of computer forensics experts, Computer Forensics JumpStart provides all the core information you need to launch your career in this fast-growing field: Conducting a computer forensics investigation Examining the layout of a network Finding hidden data Capturing images Identifying, collecting, and preserving computer evidence Understanding encryption and examining encrypted files Documenting your case Evaluating common computer forensic tools Presenting computer evidence in court as an expert witness


Practical Linux Forensics

Practical Linux Forensics

Author: Bruce Nikkel

Publisher: No Starch Press

Published: 2021-12-21

Total Pages: 402

ISBN-13: 171850196X

DOWNLOAD EBOOK

A resource to help forensic investigators locate, analyze, and understand digital evidence found on modern Linux systems after a crime, security incident or cyber attack. Practical Linux Forensics dives into the technical details of analyzing postmortem forensic images of Linux systems which have been misused, abused, or the target of malicious attacks. It helps forensic investigators locate and analyze digital evidence found on Linux desktops, servers, and IoT devices. Throughout the book, you learn how to identify digital artifacts which may be of interest to an investigation, draw logical conclusions, and reconstruct past activity from incidents. You’ll learn how Linux works from a digital forensics and investigation perspective, and how to interpret evidence from Linux environments. The techniques shown are intended to be independent of the forensic analysis platforms and tools used. Learn how to: Extract evidence from storage devices and analyze partition tables, volume managers, popular Linux filesystems (Ext4, Btrfs, and Xfs), and encryption Investigate evidence from Linux logs, including traditional syslog, the systemd journal, kernel and audit logs, and logs from daemons and applications Reconstruct the Linux startup process, from boot loaders (UEFI and Grub) and kernel initialization, to systemd unit files and targets leading up to a graphical login Perform analysis of power, temperature, and the physical environment of a Linux machine, and find evidence of sleep, hibernation, shutdowns, reboots, and crashes Examine installed software, including distro installers, package formats, and package management systems from Debian, Fedora, SUSE, Arch, and other distros Perform analysis of time and Locale settings, internationalization including language and keyboard settings, and geolocation on a Linux system Reconstruct user login sessions (shell, X11 and Wayland), desktops (Gnome, KDE, and others) and analyze keyrings, wallets, trash cans, clipboards, thumbnails, recent files and other desktop artifacts Analyze network configuration, including interfaces, addresses, network managers, DNS, wireless artifacts (Wi-Fi, Bluetooth, WWAN), VPNs (including WireGuard), firewalls, and proxy settings Identify traces of attached peripheral devices (PCI, USB, Thunderbolt, Bluetooth) including external storage, cameras, and mobiles, and reconstruct printing and scanning activity