Friday, September 11 • 09:30 - 10:29
15-Minute Linux Incident Response Live Analysis


This presentation will show attendees how to perform an initial live analysis of a Linux system in mere minutes. The focus of the talk will be a set of shell scripts that allow an investigator to quickly determine whether or not an incident has occurred without the need to shut down the system to perform traditional dead analysis.

Within 15 minutes the investigator should have a rough idea of what has transpired and will be in a better position to determine if dead analysis is warranted. The shell scripts presented minimize the disturbance to the system and send all information to a forensics workstation over the network.

Nothing beyond basic Linux knowledge (user, not administrator) is required of attendees. Attendees will leave with some tools for live analysis and also a good introduction to shell scripting for those who are new to this topic.


Speakers

Philip Polstra

Dr. Phil Polstra was born at an early age and has been programming since age 8 and hacking electronics since age 12. He is currently an Associate Professor teaching Digital Forensics and computer security at Bloomsburg University of Pennsylvania. He is no stranger to infosec conferences, having presented at numerous conferences around the world. He is also an author. Most recently he published a book, "Hacking and Penetration Testing with...


Friday September 11, 2015 09:30 - 10:29
Track 2
