search.internet.com

Become a Marketplace Partner internet.commerce Be a Commerce Partner Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Technology Jobs LinuxToday Newsletters Subscribe News Subscribe PR Subscribe Security internet.com IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers

Current Newswire: Vim 101: A Beginner's Guide to Vim Open Source Science: A Revolution From Within openSUSE 11.2-- Incremental Updates, Plenty of Polish Microsoft, other rivals slam Google Chrome OS Intel Linux Graphics Shine With Fedora 12 Editor's Note: Do It Yourself "Cloud" Google Chrome OS: First looks, first impressions Kernel Log: Coming in 2.6.32 (Part 3) - Storage TV Mythos Renewed: MythTV 0.22 with Many Improvements Enhancing openSUSE 11.2: Adding Repositories and Packages Technical Specialist II – PC – LAN (AZ) Next Step Systems US-AZ-Scottsdale Post A Job | Post A Resume SysAdmin: Linux Memory Forensics Mar 17, 2004, 03 :00 UTC (0 Talkback[s]) (5582 reads) (Other stories by Michael Ford) "Forensic analysis is the investigation of an event that involves looking for evidence and interpreting that evidence. In the case of a computer crime in which a system was compromised, the investigator needs to find out who, what, where, when, how, and why. "There are three main areas from which evidence of an intrusion can be gathered. The first and most common is the hard drive. A file system on a hard drive contains the least volatile data. Whether the investigator's strategy involves shutting down the system or just removing the computer's power, the file system will still be there. The investigator's response strategy will dictate what changes are made to the file system. If the file system is shut down or if the investigator issues commands to the system to collect information, the file system may be changed, but in the end, it's still there. There are then many tools, such as The Sleuth Kit or The Coroner's Toolkit (TCT), that can be used to analyze the file system. "The second, and most volatile, of the three areas is network traffic. Once a packet has reached its destination, it's no longer on the wire, and it will only exist briefly in memory on the received system. Regional and national laws dictate the legality of collecting network traffic, but many tools exist to do so. These include intrusion detection systems (IDS), such as Snort, and network monitoring facilities, such as tcpdump or Ethereal..." Complete Story Related Stories: ZDNet Australia: NSW Police Investigate Linux(Jan 16, 2004) Debian Investigation Report After Server Compromises(Dec 02, 2003) LinuxWorld Australia: Police, Penguin Join Forces on Forensics(Dec 06, 2002) The Register: Data Security for Linux Power Users(Nov 11, 2002) No talkbacks posted.   Home | Search Talkbacks | Customize View    Top of Page   Enter your comments below: * Your Name: * Your Email Address: * Subject: CC: [will also send this talkback to an E-Mail address] * Comments: Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content. Fields marked with * are required!

All times are recorded in UTC. Linux is a trademark of Linus Torvalds. Powered by Linux, Apache and PHP Search: WebMediaBrands Corporate Info Legal Notices, Licensing, Permissions, Privacy Policy. Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs Solutions Whitepapers and eBooks Microsoft Articles: Visual Studio 2010 Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications Microsoft Whitepaper: How Windows Server 2008 R2 Helps Optimize IT and Save You Money Adobe Article: Java Developers Finding a Home at Adobe Flex IBM Articles: A Smarter Business Needs Smarter Technology Intel Xeon Processor Increases Server Efficiency and Capabilities Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise Oracle Whitepapers - Innovation for IT Leaders Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT Internet.com eBook: IT Manager's Guide to Social Networking Internet.com eBook: Get Ready for Windows 7 Microsoft Article: Expression Web 3--New Features for PHP Developers Whitepapers: Manage Your Business Infrastracture with IBM Whitepaper: Maximize Your Storage Investment with HP Internet.com eBook: Becoming a Better Project Manager Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts Webcast: Connecting PHP to Microsoft Technologies Video: Microsoft Partner Program Benefits Video: Windows Azure Debugging Tips SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports IBM Webcast: Speed Business Innovation with Reduced Cost and Risk Video: Deploy Applications on Windows Azure MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits Download: Microsoft Visual Studio 2010 Beta 2 Downloads & Free Trials: Microsoft's New Efficiency Resource Center Get the Windows 7 SDK Free Trial: Red Gate SQL Backup Pro 6 Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products All About Botnets MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES