The video of Craig’s talk at the Christchurch Hacker Con has been posted to YouTube. The video covers the slides posted here on the blog, which include using basic Linux command-line tools for intrusion detection and forensics. The talk covers these areas:
- Suspicious processes
- Suspicious directories
- Suspicious files and audit log tampering
- Other things that are out of place that could indicate a hacker is on a Linux system.
Craig will be doing a periodic series on Linux forensics and intrusion detection going forward. Please subscribe to our channel or mailing list to stay updated.