Also you might want to check out UNIX and Linux Forensic Analysis DVD Toolkit - http://www.amazon.com/UNIX-Linux-Forensic-Analysis-Toolkit/dp/1597492698
Thanks,

Chris Hague, CHFI, GCFA, CEH, CPT
Senior Consulting Manager IR and Forensics Practice Lead
AT&T Consulting Solutions, Inc
Email: [email protected]
Office: 508-644-1504
Mobile: 508-717-5050
Fax: 774-961-3513

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of David3 Gonnella
Sent: Wednesday, November 16, 2011 7:50 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Unix/Linux Incident Response resources

Hi Jon

here are some cheat sheets from SANS, that could help as a quick reference during an incident response...

http://devcheatsheet.com/source/sans-institute/

cheers,
D.

On 11/16/2011 02:06 AM, Jon Schipp wrote:
> Hey guys,
>
> Do you know of any good resources e.g. books, articles, cheat sheets on
> incident response for *nix machines?
>
> Things I'm looking for e.g. uses of "find", "grep", "strings", and tools
> covering time stamp information etc.
>
> Basically, going through your typical unix tools except with an IR
> perspective/focus. I figured something like this would help me pay more
> attention to things on my systems.
>
> Thanks
> Jon
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
