Linux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data

Linux Malware Incident Response is a "first look" at the Malware Forensics Field Guide for Linux Systems, exhibiting the first steps in investigating Linux-based incidents. The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab.

- Presented in a succinct outline format with cross-references to included supplemental components and appendices



- Covers volatile data collection methodology as well as non-volatile data collection from a live Linux system



- Addresses malware artifact discovery and extraction from a live Linux system