PaulDotCom mailing list archives
Re: Unix/Linux Incident Response resources
From: "chrishague" <chrishague () comcast net>
Date: Fri, 18 Nov 2011 16:55:43 -0500
Also you might want to check out UNIX and Linux Forensic Analysis DVD Toolkit - http://www.amazon.com/UNIX-Linux-Forensic-Analysis-Toolkit/dp/1597492698

Thanks,
Chris Hague, CHFI, GCFA, CEH, CPT
Senior Consulting Manager IR and Forensics Practice Lead
AT&T Consulting Solutions, Inc
Email: chris.hague () att com
Office: 508-644-1504
Mobile: 508-717-5050
Fax: 774-961-3513

-----Original Message-----
From: pauldotcom-bounces () mail pauldotcom com [mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of David3 Gonnella
Sent: Wednesday, November 16, 2011 7:50 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Unix/Linux Incident Response resources

Hi Jon
here are some cheat sheets from SANS, that could help as a quick reference during an incident response...
http://devcheatsheet.com/source/sans-institute/

cheers,
D.

On 11/16/2011 02:06 AM, Jon Schipp wrote:
Hey guys,

Do you know of any good resources, e.g. books, articles, cheat sheets, on incident response for *nix machines? Things I'm looking for, e.g. uses of "find", "grep", "strings", and tools covering time stamp information etc. Basically, going through your typical unix tools except with an IR perspective/focus. I figured something like this would help me pay more attention to things on my systems.

Thanks
Jon

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Current thread:
- Unix/Linux Incident Response resources Jon Schipp (Nov 15)
- Re: Unix/Linux Incident Response resources Kevin Shaw (Nov 15)
- Re: Unix/Linux Incident Response resources Christopher Croad (Nov 16)
- Re: Unix/Linux Incident Response resources Dave Hull (Nov 16)
- Re: Unix/Linux Incident Response resources David3 Gonnella (Nov 16)
- Re: Unix/Linux Incident Response resources Jon Schipp (Nov 18)
- Re: Unix/Linux Incident Response resources chrishague (Nov 18)
- Re: Unix/Linux Incident Response resources Kevin Shaw (Nov 15)