[Pauldotcom] Unix/Linux Incident Response resources
Dave Hull
dphull at trustedsignal.com
Wed Nov 16 14:29:32 UTC 2011
On Tue, Nov 15, 2011 at 7:06 PM, Jon Schipp <jonschipp at gmail.com> wrote:
>
> Do you know of any good resources, e.g. books, articles, cheat sheets, on
> incident response for *nix machines?
>
> Things I'm looking for e.g. uses of "find", "grep", "strings", and tools
> covering time stamp information etc.
>
> Basically, going through your typical unix tools except with an IR
> perspective/focus. I figured something like this would help me pay more
> attention to things on my systems.
These results look self-serving; such was not my intention, but you
may find some useful things here:
http://www.google.com/search?q=site:computer-forensics.sans.org%2Fblog+awk+grep+find+strings+time+line&pbx=1&oq=site:computer-forensics.sans.org%2Fblog+awk+grep+find+strings+time+line