Linux Forensics Links The following list are potentially useful if you need to do forensics on a compromised computer.  They were found elsewhere on the Net and noted here for archival purposes. http://www.bastille-linux.org/ http://www.rootkit.nl/projects/rootkit_hunter.html http://www.chkrootkit.org/ http://www.sleuthkit.org/index.php http://www.sleuthkit.org/sleuthkit/ http://sleuthkit.sourceforge.net/autopsy/desc.php http://www.sleuthkit.org/links.php http://www.linux-forensics.com/links.html http://www.forensics.nl/toolkits http://www.intrusions.org/incidents/lists http://seclists.org/ http://www.insecure.org/ http://www.insecure.org/tools.html http://www.hackinglinuxexposed.com/articles/ http://www.hackinglinuxexposed.com/about/ << pretty good book http://www.linuxexposed.com/Articles/Security.html