001 - CONTROL NUMBER |
control field |
EBL1115128 |
006 - FIXED-LENGTH DATA ELEMENTS--ADDITIONAL MATERIAL CHARACTERISTICS |
additional material characteristics |
m d |
007 - PHYSICAL DESCRIPTION FIXED FIELD--GENERAL INFORMATION |
fixed length control field |
cr -n--------- |
008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
fixed length control field |
131220s2013||||||| s|||||||||||eng|d |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
9781597494717 |
Terms of availability |
49.42 (UA) |
035 ## - SYSTEM CONTROL NUMBER |
System control number |
(AU-PeEL)1115128 |
040 ## - CATALOGING SOURCE |
Original cataloging agency |
AU-PeEL |
Language of cataloging |
eng |
Transcribing agency |
AU-PeEL |
Modifying agency |
AU-PeEL |
050 #4 - LIBRARY OF CONGRESS CALL NUMBER |
Classification number |
QA76.9.A25 .M384 2013 |
082 00 - DEWEY DECIMAL CLASSIFICATION NUMBER |
Classification number |
005.8 |
090 ## - LOCALLY ASSIGNED LC-TYPE CALL NUMBER (OCLC); LOCAL CALL NUMBER (OCLC) |
Classification number (OCLC) (R) ; Classification number, CALL (RLIN) (NR) |
QA76.9.A25 .M384 2013 |
100 1# - MAIN ENTRY--PERSONAL NAME |
Personal name |
Malin, Cameron H. |
245 10 - TITLE STATEMENT |
Title |
Malware Forensics Field Guide for Linux Systems : |
Remainder of title |
Digital Forensics Field Guides |
260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
Place of publication, distribution, etc |
Burlington : |
Name of publisher, distributor, etc |
Elsevier Science, |
Date of publication, distribution, etc |
2013. |
300 ## - PHYSICAL DESCRIPTION |
Extent |
1 online resource (1037 p.) |
490 0# - SERIES STATEMENT |
Series statement |
eBooks on Demand |
505 0# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Cover image; Title page; Table of Contents; Copyright; Dedication; Acknowledgments; Special Thanks to the Technical Editor; Biography; About the Authors; About the Technical Editor; Introduction; Introduction to Malware Forensics; Class Versus Individuating Characteristics; Chapter 1. Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System; Solutions in this chapter:; Introduction; Volatile Data Collection Methodology; Nonvolatile Data Collection from a Live Linux System; Conclusion; Pitfalls to Avoid; Incident Tool Suites; Remote Collection Tools |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Volatile Data Collection and Analysis Tools; Collecting Subject System Details; Identifying Users Logged into the System; Network Connections and Activity; Process Analysis; Loaded Modules; Open Files; Command History; Selected Readings; Linux Memory Forensics Tools; Interpreting Various Data Structures in Linux Memory; Dumping Linux Process Memory; Dissecting Linux Process Memory; Conclusions; Pitfalls to Avoid; Field Notes: Memory Forensics; Selected Readings; Chapter 2. Linux Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts; Solutions in this Chapter: |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Introduction; Memory Forensics Overview; "Old School" Memory Analysis; How Linux Memory Forensics Tools Work; Chapter 3. Postmortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems; Solutions in this Chapter; Introduction; Linux Forensic Analysis Overview; Malware Discovery and Extraction from a Linux System; Examine Linux File System; Examine Application Traces; Keyword Searching; Forensic Reconstruction of Compromised Linux Systems; Advanced Malware Discovery and Extraction from a Linux System; Conclusions; Pitfalls to Avoid |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Field Notes: Linux System Examinations; Forensic Tool Suites; Timeline Generation; Selected Readings; Chapter 4. Legal Considerations; Solutions in this Chapter:; Framing the Issues; General Considerations; Sources of Investigative Authority; Statutory Limits on Authority; Tools for Acquiring Data; Acquiring Data Across Borders; Involving Law Enforcement; Improving Chances for Admissibility; State Private Investigator and Breach Notification Statutes; International Resources:; The Federal Rules: Evidence for Digital Investigators |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Chapter 5. File Identification and Profiling: Initial Analysis of a Suspect File on a Linux System; Solutions in this Chapter:; Introduction; Overview of the File Profiling Process; Working With Linux Executables; File Similarity Indexing; File Visualization; Symbolic and Debug Information; Embedded File Metadata; File Obfuscation: Packing and Encryption Identification; Embedded Artifact Extraction Revisited; Executable and Linkable Format (ELF); Profiling Suspect Document Files; Profiling Adobe Portable Document Format (PDF) Files; Profiling Microsoft (MS) Office Files; Conclusion |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Pitfalls to Avoid |
520 ## - SUMMARY, ETC. |
Summary, etc |
The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab. |
588 ## - |
-- |
Description based upon print version of record. |
650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name as entry element |
Computer networks -- Examinations -- Study guides. |
650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name as entry element |
Computer security. |
650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name as entry element |
Linux -- Examinations -- Study guides. |
650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name as entry element |
Operating systems (Computers) -- Examinations -- Study guides. |
655 #0 - INDEX TERM--GENRE/FORM |
Genre/form data or focus term |
Electronic books. |
700 1# - ADDED ENTRY--PERSONAL NAME |
Personal name |
Casey, Eoghan. |
700 1# - ADDED ENTRY--PERSONAL NAME |
Personal name |
Aquilina, James M. |
776 08 - ADDITIONAL PHYSICAL FORM ENTRY |
Display text |
Print version: |
Main entry heading |
Malin, Cameron H. |
Title |
Malware Forensics Field Guide for Linux Systems : Digital Forensics Field Guides |
Place, publisher, and date of publication |
Burlington : Elsevier Science,c2013 |
International Standard Book Number |
9781597494700 |
856 40 - ELECTRONIC LOCATION AND ACCESS |
Uniform Resource Identifier |
http://uttyler.eblib.com/patron/FullRecord.aspx?p=1115128 |
Link text |
Click here to view this ebook. |
901 ## - LOCAL DATA ELEMENT A, LDA (RLIN) |
Platform |
EBL |
942 ## - ADDED ENTRY ELEMENTS (KOHA) |
Koha item type |
Electronic Book |
Source of classification or shelving scheme |
|