Linux Forensics & Incident Response Introduction

The main purpose of this document is to combine incident response and Linux forensics into a single article. Please keep in mind that the information presented in this segment requires interaction with the suspect machine. We would prefer that analysts use the script here: https://networkdefensesolutions.com/index.php/products/58-desktop-services-linux/289-linuxir, but if you feel other tools would work better for you, please use those.
