PaulDotCom mailing list archives

Re: Unix/Linux Incident Response resources

From: Kevin Shaw <kevin.lee.shaw () gmail com>
Date: Tue, 15 Nov 2011 20:22:30 -0500

In all seriousness SANS has a lot of things for this.
On Nov 15, 2011 8:09 PM, "Jon Schipp" <jonschipp () gmail com> wrote:

Hey guys,

Do you know of any good resources e.g. books, articles, cheat sheets on
incident response for *nix machines.

Things I'm looking for e.g. uses of "find", "grep", "strings", and tools
covering time stamp information etc.

Basically, going through your typical unix tools except with a IR
perspective/focus. I figured something like this would help me pay more
attention to things on my systems.

Thanks
Jon

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Unix/Linux Incident Response resources Jon Schipp (Nov 15)
- Re: Unix/Linux Incident Response resources Kevin Shaw (Nov 15)
  - Re: Unix/Linux Incident Response resources Christopher Croad (Nov 16)
- Re: Unix/Linux Incident Response resources Dave Hull (Nov 16)
- Re: Unix/Linux Incident Response resources David3 Gonnella (Nov 16)
  - Re: Unix/Linux Incident Response resources Jon Schipp (Nov 18)
  - Re: Unix/Linux Incident Response resources chrishague (Nov 18)