Chapter 8. Malware

Solutions in this chapter:

  • Viruses
  • Storms on the Horizon
  • Do it Yourself
  • Do it Yourself with Panda and Clam

Introduction

One of the less technical, yet helpful, steps of a forensic investigation is to scan the acquired images for malware: viruses, worms, and Trojan horses. While malware discovery may not be the primary reason for the forensic investigation, I have frequently found that the systems involved in an incident are infected. This may be completely coincidental, or the result of a directed attack. Either way, a comprehensive malware sweep can produce leads that point to specific answers about the incident.

I have used a combination of open source and proprietary utilities including: ...

Get UNIX and Linux Forensic Analysis DVD Toolkit now with the O’Reilly learning platform.