Introduction to Forensics


In this talk Kyle Rankin will cover basic concepts for a forensics investigation using Sleuthkit and Autopsy. The talk will feature a demo with a real compromised system.

In this talk Kyle Rankin will provide an introduction to performing forensics analysis on Linux machines using the popular Sleuthkit tools with their easy-to-use Autopsy web-based front-end. The talk will cover initial installation and configuration of Sleuthkit and Autopsy, basic concepts and considerations for a forensics investigation, and at the end there will be a demo with a real, compromised Linux image.

Speaker: Kyle Rankin

Copyright 2002-2010 Linux Expo of Southern California. All Rights Reserved.