Anti-Hacker Tool Kit, Fourth Edition by Mike Shema

CHAPTER 16
BASIC FORENSICS
We turn to forensics when it’s necessary to investigate activity on a system. Logfiles do not always capture information relevant to answering questions. They may capture data like “When and from what IP address did a user access a system?” but may not be able to answer questions like “What files have been executed or deleted?” or “Were these files accessed when the user logged in?” We need tools and techniques to recover or deduce this kind of information, especially if logfiles have been erased by an attacker trying to cover their tracks.
The activity under investigation need not be malicious or illegal. It may be ...
