Advanced Linux Forensics
This course is geared towards those with significant Linux knowledge, experience, and understanding. If you are a strong Linux power user and you know and understand at least the very basics of Linux forensics (i.e., have used 'dd' to create images, 'grep' to search, 'loop' to mount image files, etc.) but are wondering what else Linux can do for you, then look over the content below!
Course Outline
Day 1:
1) Reviewing Linux Forensics
-- Concepts and methodologies
-- Creating physical and logical image files
-- Hashing media
-- Searching and analyzing media
Day 2:
1) Using the Network
-- 'dd' and network imaging
----- netcat, cryptcat, & other tools to send 'dd' images across a network
----- practicals
2) Logical Volume Manager (LVM)
-- LVM defined and usage
-- LVM and data forensics use
3) Using Linux to process Tapes
-- mt package and usage
----- practicals
Day 3:
1) BSD Focus
-- BSD design and concepts
-- BSD important files
----- configuration files, log files, scripts
-- BSD file system types and available drivers
-- BSD tools to aid in data forensics
2) Using Linux to process BSD Systems
-- image, hash, & analyze
----- practicals
Day 4:
1) Solaris Focus
-- Solaris design and concepts
-- Solaris important files
----- configuration files, log files, scripts
-- Solaris file system types and available drivers
-- Solaris tools to aid in data forensics
2) Using Linux to process Solaris systems
-- image, hash, & analyze
----- practicals
Day 5:
1) Linux Boot CDs
-- current boot CDs and practicality
-- creating custom boot CDs for forensics
2) Putting it all together!
-- practicals
copyright © 2003 info@crazytrain.com