Linux Forensics Links PDF Print E-mail

The following list are potentially useful if you need to do forensics on a compromised computer.  They were found elsewhere on the Net and noted here for archival purposes.

http://www.bastille-linux.org/

http://www.rootkit.nl/projects/rootkit_hunter.html
http://www.chkrootkit.org/

http://www.sleuthkit.org/index.php
http://www.sleuthkit.org/sleuthkit/
http://sleuthkit.sourceforge.net/autopsy/desc.php
http://www.sleuthkit.org/links.php

http://www.linux-forensics.com/links.html

http://www.forensics.nl/toolkits
http://www.intrusions.org/incidents/lists

http://seclists.org/
http://www.insecure.org/
http://www.insecure.org/tools.html

http://www.hackinglinuxexposed.com/articles/
http://www.hackinglinuxexposed.com/about/ << pretty good book

http://www.linuxexposed.com/Articles/Security.html