Index

Note: Page numbers with “f” denote figures; “t” tables.

A

Active system and network monitoring
    file system monitoring
        lsof command, 421, 421f
        open files and sockets, 420–421
    network activity
        EtherApe, 427, 428f
        “feed” effect, 424–426
        real-time network traffic, 426
        Web server, program’s interaction, 423–424
        Wireshark capture options, 426, 427f
    port activity
        GUI tools, 429–430, 430f
        information observation, 428
        netstat -an command, 428, 429f
        netstat -anp command, 429, 429f
        port numbers, 427
    /proc/<pid> entries, 419–420, 420f
    real-time data, 419
    system and dynamic library calls, 430, 431f
Address resolution protocol (ARP) cache, 27, 30, 30f
Adore rootkit, 47–48, 47f
American Recovery and Reinvestment Act ...

Get Malware Forensics Field Guide for Linux Systems now with the O’Reilly learning platform.