Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Linux Forensics Paperback – July 13, 2015
|New from||Used from|
Frequently bought together
Customers who bought this item also bought
Linux Forensics is the most comprehensive and up-to-date resource for those wishing to quickly and efficiently perform forensics on Linux systems. It is also a great asset for anyone that would like to better understand Linux internals.
Linux Forensics will guide you step by step through the process of investigating a computer running Linux. Everything you need to know from the moment you receive the call from someone who thinks they have been attacked until the final report is written is covered in this book. All of the tools discussed in this book are free and most are also open source.
From the Author
Linux Forensics is the most up-to-date and comprehensive book on performing Linux forensics period. It has been a real labor of love to produce such a complete book. If you ever think you might need to investigate a Linux system or just want to learn more about how Linux works under the covers, this book is for you. This book will also have you well on your way to performing forensic investigations of other systems (Windows, OS X) from a Linux forensics workstation.
If you buy a new print edition of this book (or purchased one in the past), you can buy the Kindle edition for only $2.99 (Save 88%). Print edition purchase must be sold by Amazon. Learn more.
For thousands of qualifying books, your past, present, and future print-edition purchases now lets you buy the Kindle edition for $2.99 or less. (Textbooks available for $9.99 or less.)
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
The bash and Python scripts that went along with the book were great.
I'd say I'd recommend the whole book but for memory forensics refer to the Volatility teams book and Reversing the 2 books above.
Another thing is the absence of a bit of OS internals to explain how certain things work and what degree of confidence we can have in certain artifacts.
Still a good book to start with linux DFIR.