Linux Directories

In any operating system, there are key directories that are important to the functioning of that operating system. In Linux, these directories are important places to seek out evidence. Knowing the general purpose of the major directories, as well as their potential forensic importance, is useful in conducting a forensic analysis of a Linux system.

The /root Directory

The /root directory is the home directory for the root user. The root user in Linux is the equivalent of the administrator in Windows. This directory is where any data for the administrator will be located.

The /bin Directory

The /bin directory holds binary or compiled files. This means programs, including some malware, may be found here. You absolutely should examine ...
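One way to inventory a /bin directory during an examination, given here as an added example and not code from the book: it hashes every regular file and marks the ones that merit a closer look. The function names, the three review heuristics, and the assumption that the evidence image is mounted read-only are choices made for this example.

```python
import hashlib
import os
import stat
import sys

ELF_MAGIC = b"\x7fELF"  # first four bytes of a compiled Linux executable

def inventory(directory):
    """Return one record per regular file in `directory` (not recursive)."""
    records = []
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        st = os.lstat(path)  # lstat so symlinks are not followed
        if not stat.S_ISREG(st.st_mode):
            continue  # skip symlinks, subdirectories and device nodes
        digest = hashlib.sha256()
        with open(path, "rb") as fh:
            head = fh.read(4)
            digest.update(head)
            for chunk in iter(lambda: fh.read(65536), b""):
                digest.update(chunk)
        records.append({
            "name": name,
            "sha256": digest.hexdigest(),  # compare against known-good hashes
            "mtime": st.st_mtime,
            "is_elf": head == ELF_MAGIC,
            "setuid": bool(st.st_mode & stat.S_ISUID),
        })
    return records

def flag(records, window_start):
    """Map file name -> reasons to review (triage hints, not verdicts)."""
    hits = {}
    for r in records:
        checks = [("not-elf", not r["is_elf"]),
                  ("setuid", r["setuid"]),
                  ("modified-in-window", r["mtime"] >= window_start)]
        reasons = [label for label, hit in checks if hit]
        if reasons:
            hits[r["name"]] = reasons
    return hits

if __name__ == "__main__":
    # Usage: script.py <mounted-image>/bin <incident-window-start-epoch>
    recs = inventory(sys.argv[1])
    for name, why in flag(recs, float(sys.argv[2])).items():
        print(name, ",".join(why))
```

Shell scripts and setuid programs such as su are normal in /bin, so a flagged file is a candidate for hash comparison against the distribution's packages, not a finding by itself.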
