Skip to main content

Volatile Data Acquisition from Live Linux Systems: Part I.

 In the domain of digital forensics, volatile data assumes a paramount role, characterized by its ephemeral nature. Analogous to fleeting whispers in a bustling city, volatile data in Linux systems resides transiently within the Random Access Memory (RAM), encapsulating critical system configurations, active network connections, running processes, and traces of user activities. Once a Linux machine powers down, this ephemeral reservoir of information dissipates swiftly, rendering it irretrievable. read more....

Comments

Post a Comment

Popular posts from this blog

Fixing Unix/Linux/POSIX Filenames

Traditionally, Unix/Linux/POSIX filenames can be almost any sequence of bytes, and their meaning is unassigned. The only real rules are that "/" is always the directory separator, and that filenames can't contain byte 0 (because this is the terminator). Although this is flexible, this creates many unnecessary problems. In particular, this lack of limitations makes it unnecessarily difficult to write correct programs (enabling many security flaws), makes it impossible to consistently and accurately display filenames, causes portability problems, and confuses users. more ....
Post a Comment
Read more

Multi-Boot Disk for Machines With AMD Opteron Processors

This article presents step-by-step procedures for loading the Solaris 10 OS on x86 platforms, and one or two 64-bit Linux operating systems, on machines based on 64-bit AMD Opteron processors. Installations were done on generic Opteron-based workstations and confirmed on a Sun Fire V20z server and Sun Java Workstation W1100z and W2100z workstations.
Post a Comment
Read more