|
|
|
|
LEADER |
00000cam a2200000Mi 4500 |
001 |
SCIDIR_ocn830170160 |
003 |
OCoLC |
005 |
20231117044837.0 |
006 |
m o d |
007 |
cr |n||||||||| |
008 |
130316s2013 vtu ob 000 0 eng d |
040 |
|
|
|a EBLCP
|b eng
|e pn
|c EBLCP
|d OCLCQ
|d YDXCP
|d OCLCQ
|d TEF
|d OCLCF
|d UPM
|d UKDOC
|d E7B
|d OCLCQ
|d UIU
|d OCLCQ
|d COO
|d DEBSZ
|d OCLCQ
|d MERUC
|d OCLCQ
|d OCLCA
|d U3W
|d D6H
|d OCLCQ
|d S2H
|d OCLCO
|d SFB
|d OCLCO
|d OCLCQ
|d OCLCO
|
020 |
|
|
|a 9780124114890
|
020 |
|
|
|a 012411489X
|
020 |
|
|
|z 9780124095076
|
020 |
|
|
|z 0124095070
|
035 |
|
|
|a (OCoLC)830170160
|
050 |
|
4 |
|a QA76.3 .M384 2013
|
082 |
0 |
4 |
|a 005.432
|
100 |
1 |
|
|a Malin, Cameron H.
|
245 |
1 |
0 |
|a Linux Malware Incident Response :
|b an Excerpt from Malware Forensic Field Guide for Linux Systems.
|
260 |
|
|
|a Burlington :
|b Elsevier Science,
|c 2013.
|
300 |
|
|
|a 1 online resource (135 pages)
|
336 |
|
|
|a text
|b txt
|2 rdacontent
|
337 |
|
|
|a computer
|b c
|2 rdamedia
|
338 |
|
|
|a online resource
|b cr
|2 rdacarrier
|
520 |
|
|
|a The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a la.
|
588 |
0 |
|
|a Print version record.
|
504 |
|
|
|a Includes bibliographical references.
|
505 |
0 |
|
|a Front Cover; Linux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data; Copyright Page; Contents; Introduction; How to Use This book; Supplemental Components; Investigative Approach; Methodical Approach; Forensic Soundness; Documentation; Evidence Dynamics; Forensic Analysis in Malware Investigations; Preservation and Examination of Volatile Data; Temporal, Functional, and Relational Analysis; Applying Forensics to Malware; Class Versus Individuating Characteristics; From Malware Analysis to Malware Forensics
|
505 |
8 |
|
|a 1 Linux Malware Incident Response; Introduction; Local vs. Remote Collection; Investigative Considerations; Volatile Data Collection Methodology; Documenting Collection Steps; Volatile Data Collection Steps; Preservation of Volatile Data; Investigative Considerations; Physical Memory Acquisition on a Live Linux System; Acquiring Physical Memory Locally; Command-Line Utilities; Using dd to Acquire Physical Memory; Using memdump to Acquire Physical Memory; Collecting the /proc/kcore file; GUI-Based Memory Dumping Tools; Using Helix3 Pro to Acquire Physical Memory
|
505 |
8 |
|
|a Documenting the Contents of the /proc/meminfo File; Investigative Considerations; Remote Physical Memory Acquisition; Configuring the Helix3 Pro Image Receiver: Examination System; Configuring Helix3 Pro to Transmit over the Image Receiver: Subject System; Other Methods of Acquiring Physical Memory; Collecting Subject System Details; System Date and Time; System Identifiers; Network Configuration; System Uptime; System Environment; Investigative Consideration; System Status; Identifying Users Logged into the System; Investigative Considerations; Inspect Network Connections and Activity
|
505 |
8 |
|
|a Investigative Considerations; Active Network Connections; Examine Routing Table; ARP Cache; Collecting Process Information; Process Name and Process Identification; Temporal Context; Memory Usage; Process to Executable Program Mapping: Full System Path to Executable File; Investigative Considerations; Process to User Mapping; Investigative Considerations; Child Processes; Investigative Consideration; Invoked Libraries: Dependencies Loaded by Running Processes; Command-Line Parameters; Preserving Process Memory on a Live Linux System; Investigative Consideration
|
505 |
8 |
|
|a Examine Running Processes in Relational Context to System State and Artifacts; Volatile Data in /proc Directory; Correlate Open Ports with Running Processes and Programs; Investigative Consideration; Open Files and Dependencies; Investigative Consideration; Identifying Running Services; Examine Loaded Modules; Investigative Consideration; Collecting the Command History; Identifying Mounted and Shared Drives; Determine Scheduled Tasks; Collecting Clipboard Contents; Nonvolatile Data Collection from a Live Linux System; Forensic Duplication of Storage Media on a Live Linux System
|
650 |
|
0 |
|a Computer security.
|
650 |
|
6 |
|a Sécurité informatique.
|0 (CaQQLa)201-0061152
|
650 |
|
7 |
|a Computer security
|2 fast
|0 (OCoLC)fst00872484
|
700 |
1 |
|
|a Casey, Eoghan.
|
700 |
1 |
|
|a Aquilina, James M.
|
776 |
0 |
8 |
|i Print version:
|a Malin, Cameron H.
|t Linux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data.
|d Burlington : Elsevier Science, ©2013
|z 9780124095076
|
856 |
4 |
0 |
|u https://sciencedirect.uam.elogim.com/science/book/9780124095076
|z Full text
|