PaulDotCom mailing list archives
Re: Unix/Linux Incident Response resources
From: Dave Hull <dphull () trustedsignal com>
Date: Wed, 16 Nov 2011 08:29:32 -0600
On Tue, Nov 15, 2011 at 7:06 PM, Jon Schipp <jonschipp () gmail com> wrote:
Do you know of any good resources e.g. books, articles, cheat sheets on incident response for *nix machines. Things I'm looking for e.g. uses of "find", "grep", "strings", and tools covering time stamp information etc. Basically, going through your typical unix tools except with a IR perspective/focus. I figured something like this would help me pay more attention to things on my systems.
These results look self-serving, such was not my intention, but you may find some useful things here: http://www.google.com/search?q=site:computer-forensics.sans.org%2Fblog+awk+grep+find+strings+time+line&pbx=1&oq=site:computer-forensics.sans.org%2Fblog+awk+grep+find+strings+time+line _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Unix/Linux Incident Response resources Jon Schipp (Nov 15)
- Re: Unix/Linux Incident Response resources Kevin Shaw (Nov 15)
- Re: Unix/Linux Incident Response resources Christopher Croad (Nov 16)
- Re: Unix/Linux Incident Response resources Dave Hull (Nov 16)
- Re: Unix/Linux Incident Response resources David3 Gonnella (Nov 16)
- Re: Unix/Linux Incident Response resources Jon Schipp (Nov 18)
- Re: Unix/Linux Incident Response resources chrishague (Nov 18)
- Re: Unix/Linux Incident Response resources Kevin Shaw (Nov 15)