Forensic Analysis of a Linux System Lab

Infosec Learning
Virtual Lab

In this lab, you will learn how to search through a forensic disk image in dd format to find artifacts related to an intrusion on a Linux Server. Some of the relevant forensic artifacts from a Linux system include apache log files, the history file, and the secure or auth.log file, which includes valuable information such as SSH connections or user...

Time
1 hour 30 minutes
Difficulty
Advanced
Share
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

In this lab, you will learn how to search through a forensic disk image in dd format to find artifacts related to an intrusion on a Linux Server. Some of the relevant forensic artifacts from a Linux system include apache log files, the history file, and the secure or auth.log file, which includes valuable information such as SSH connections or user account activity. You will find that forensic analysis of a Linux system is far different than forensics in Windows.