44CON LONDON 2015 has ended
Friday, September 11 • 09:30 - 10:29
15-Minute Linux Incident Response Live Analysis

This presentation will show attendees how to perform an initial live analysis of a Linux system in mere minutes. The focus of the talk will be a set of shell scripts that allow an investigator to quickly determine whether or not an incident has occurred without the need to shut down the system to perform traditional dead analysis.

Within 15 minutes the investigator should have a rough idea of what has transpired and will be in a better position to determine if dead analysis is warranted. The shell scripts presented minimize the disturbance to the system and send all information to a forensics workstation over the network.

Nothing beyond basic Linux knowledge (user, not administrator) is required of attendees. Attendees will leave with some tools for live analysis and also a good introduction to shell scripting for those who are new to this topic.

Philip Polstra

Dr. Phil Polstra was born at an early age and has been programming since age 8 and hacking electronics since age 12. He is currently an Associate Professor teaching Digital Forensics and computer security at Bloomsburg University of Pennsylvania. He is no stranger to infosec conferences...

Friday September 11, 2015 09:30 - 10:29 BST
Track 2
