Practical Linux Forensics: A Guide for Digital Investigators, Used


In Stock
SKU: SONG171850196X
UPC: 000171850196X
Brand: Ergodebooks
Condition: Used
Regular price: $30.16

Sold by Ergodebooks, an authorized reseller.

Returns accepted within 30 days | support@ergodebooks.com


A resource to help forensic investigators locate, analyze, and understand digital evidence found on modern Linux systems after a crime, security incident or cyber attack.

Practical Linux Forensics dives into the technical details of analyzing postmortem forensic images of Linux systems which have been misused, abused, or the target of malicious attacks. It helps forensic investigators locate and analyze digital evidence found on Linux desktops, servers, and IoT devices. Throughout the book, you learn how to identify digital artifacts which may be of interest to an investigation, draw logical conclusions, and reconstruct past activity from incidents. You'll learn how Linux works from a digital forensics and investigation perspective, and how to interpret evidence from Linux environments. The techniques shown are intended to be independent of the forensic analysis platforms and tools used.

Learn how to:
  • Extract evidence from storage devices and analyze partition tables, volume managers, popular Linux filesystems (Ext4, Btrfs, and Xfs), and encryption
  • Investigate evidence from Linux logs, including traditional syslog, the systemd journal, kernel and audit logs, and logs from daemons and applications
  • Reconstruct the Linux startup process, from boot loaders (UEFI and Grub) and kernel initialization, to systemd unit files and targets leading up to a graphical login
  • Perform analysis of power, temperature, and the physical environment of a Linux machine, and find evidence of sleep, hibernation, shutdowns, reboots, and crashes
  • Examine installed software, including distro installers, package formats, and package management systems from Debian, Fedora, SUSE, Arch, and other distros
  • Perform analysis of time and Locale settings, internationalization including language and keyboard settings, and geolocation on a Linux system
  • Reconstruct user login sessions (shell, X11 and Wayland), desktops (Gnome, KDE, and others) and analyze keyrings, wallets, trash cans, clipboards, thumbnails, recent files and other desktop artifacts
  • Analyze network configuration, including interfaces, addresses, network managers, DNS, wireless artifacts (WiFi, Bluetooth, WWAN), VPNs (including WireGuard), firewalls, and proxy settings
  • Identify traces of attached peripheral devices (PCI, USB, Thunderbolt, Bluetooth) including external storage, cameras, and mobiles, and reconstruct printing and scanning activity

⚠️ WARNING (California Proposition 65):

This product may contain chemicals known to the State of California to cause cancer, birth defects, or other reproductive harm.

For more information, please visit www.P65Warnings.ca.gov.

  • Q: What is the size and binding of the book? A: The book is seven point zero six inches long, zero point nine two inches wide, and nine point three one inches tall, with a paperback binding.
  • Q: How many pages does this book have? A: The book contains four hundred pages.
  • Q: Who is the author of this book? A: The author of the book is Bruce Nikkel.
  • Q: How do I use this book for digital investigations? A: You can use this book as a practical guide to locate and analyze digital evidence found on Linux systems.
  • Q: Is this book suitable for beginners in digital forensics? A: Yes, this book is suitable for beginners and provides foundational knowledge in Linux forensics.
  • Q: What specific topics are covered in this book? A: The book covers topics such as extracting evidence, analyzing Linux logs, and reconstructing user sessions.
  • Q: How should I store this book to keep it in good condition? A: Store the book in a cool, dry place, away from direct sunlight to prevent damage to the pages and cover.
  • Q: Is this book safe for children? A: No, this book is intended for adult readers interested in digital forensics.
  • Q: What if the book arrives damaged? A: If the book arrives damaged, you can contact customer support for return or replacement options.
  • Q: Can I find exercises or practical examples in this book? A: Yes, the book includes practical examples and exercises to apply the concepts learned.
  • Q: What kind of evidence can I learn to analyze from this book? A: You will learn to analyze digital evidence from Linux desktops, servers, and IoT devices.
  • Q: Does this book include information about different Linux distributions? A: Yes, it covers various Linux distributions, including Debian, Fedora, and Arch.
  • Q: How can this book help in a cybersecurity incident? A: This book provides techniques for analyzing digital evidence after a cybersecurity incident or attack.
  • Q: Are there any prerequisites to understand this book? A: A basic understanding of Linux systems is recommended to fully benefit from the content.
  • Q: Does this book provide insights into Linux security features? A: Yes, it discusses analyzing network configurations and security features of Linux systems.
  • Q: What is the publication year of this book? A: The book was published in twenty nineteen.
