
Computer Forensics: Incident Response Essentials by Warren G. Kruse, Jay G. Heiser


Chapter 11. Investigating a Unix Host

It is a sad fact of network life that the number of Unix systems successfully attacked exceeds the ability of their owners to adequately examine them. Even when sufficient human resources are available, circumstances may intrude—management may not allow a live system to be taken down in order to methodically collect the evidence of an attack. In their one-day seminar on Unix forensics,1 Dan Farmer and Wietse Venema provided a summary of the different levels of effort that may be applied in the response to a particular incident (see Table 11-1). We certainly don’t recommend that you ignore an incident and go back to work. If this was your plan, you probably wouldn’t be reading this book. Many managers decide ...
