By Cory Altheide, Chris Pogue, Todd Haverkos
This book addresses topics in the area of forensic analysis of systems running on variants of the UNIX operating system, which is the choice of hackers for their attack platforms. According to a 2007 IDC report, UNIX servers account for the second-largest segment of spending (behind Windows) in the worldwide server market with $4.2 billion in 2Q07, representing 31.7% of corporate server spending. UNIX systems have not been analyzed to any significant depth, largely due to a lack of understanding on the part of the investigator, an understanding and knowledge base that has been achieved by the attacker.
The book begins with a chapter describing why and how the book was written, and for whom, and then immediately begins addressing the issues of live response (volatile) data collection and analysis. The book continues by addressing issues of collecting and analyzing the contents of physical memory (i.e., RAM). The following chapters address /proc analysis, revealing the wealth of significant evidence, and analysis of files created by or on UNIX systems. Then the book addresses the underground world of UNIX hacking and reveals methods and techniques used by hackers, malware coders, and anti-forensic developers. The book then illustrates to the investigator how to analyze these files and extract the information they need to perform a comprehensive forensic analysis. The final chapter includes a detailed discussion of loadable kernel modules and malware.
Throughout the book the author provides a wealth of unique information, providing tools, techniques and information that won't be found anywhere else.
This book contains information about UNIX forensic analysis that is not available anywhere else. Much of the information is a result of the author's own unique research and work.
The authors have the combined experience of law enforcement, military, and corporate forensics. This unique perspective makes this book attractive to all forensic investigators.