Introduction to Forensics

Kyle Rankin

Sr. Systems Administrator

Cyan Optics Inc.

Author of The Official Ubuntu Server Book, Ubuntu Hacks, and Knoppix Hacks


http://greenfly.org/talks/security/forensics.html

Agenda

What is Forensics?

MAC Times

Order of Volatility

Before You Do Anything

Sleuthkit and Autopsy

Our Sample Image

A Forensics Walk-through

Demos are always dangerous...

Questions?

Additional Resources