Monday, 16 September 2013

Linux Malware Incident Response


Linux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data: An Excerpt from Malware Forensic Field Guide for Linux Systems

Book Details:
Pages: 134
Publisher: Syngress (March 2013)
Language: English
ISBN-10: 0124095070
ISBN-13: 978-0124095076
Format: PDF, EPUB

Book Description:
Linux Malware Incident Response is a first look at the Malware Forensics Field Guide for Linux Systems, exhibiting the first steps in investigating Linux-based incidents. The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a toolkit with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab.

  • Presented in a succinct outline format with cross-references to included supplemental components and appendices
  • Covers volatile data collection methodology as well as non-volatile data collection from a live Linux system
  • Addresses malware artifact discovery and extraction from a live Linux system

Table of Contents
Chapter 1. Linux Malware Incident Response

Appendix A. Linux Field Guide Tool Box
Appendix B. Selected Readings
Appendix C. Interview Questions
Appendix D. Pitfalls to Avoid
Appendix E. Live Response Field Notes


Sunday, 8 September 2013

Practical VoIP Security


Voice Over IP (VoIP) phone lines now represent over 50% of all new phone line installations. Every one of these new VoIP phone lines and handsets must now be protected from malicious hackers because these devices now reside on the network and are accessible from the Internet just like any server or workstation.

This book will cover a wide variety of the publicly available exploit tools and how they can be used specifically against VoIP (Voice over IP) Telephony systems. The book will cover the attack methodologies that are used against the SIP and H.323 protocols as well as VoIP network infrastructure. Significant emphasis will be placed on both attack and defense techniques. This book is designed to be very hands on and scenario intensive.

  • More VoIP phone lines are being installed every day than traditional PBX phone lines
  • VoIP is vulnerable to the same range of attacks as any network device
  • VoIP phones can receive as many Spam voice mails as your e-mail can receive Spam e-mails, and as a result must have the same types of anti-spam capabilities

Contents
1. Introduction
2. Architectures
3. Hardware
4. Protocols
5. Support Protocols
6. Protocol Security
7. Threats
8. Solutions Overview
9. Reuse Existing Security Infrastructure Wisely
10. Confirm User Identity
11. Active Security Monitoring
12. Logical Segregation
13. Encryption
14. A Note on Regulatory Compliance
15. Recommendations
16. Appendix

A: Access List Guidelines

Thomas Porter, Jan Kanclirz Jr., “Practical VoIP Security”
2006 | pages: 592 | ISBN: 1597490601 | PDF | 9,7 mb


Saturday, 7 September 2013

Fix msfupdate Problem


Error : Could not find pg-0.15.0 in any of the sources. Run `bundle install` to install missing gems

This error possibly occurred because, while I was running the msfupdate command, it showed me an error in the installation of some pg-0.15.1 package.

Solution
  • Go to this path (for 64-bit BackTrack 5 R3) - root@bt: cd /opt/metasploit/ruby/lib/ruby/1.9.1/x86_64-linux/
  • Edit the file rbconfig.rb
  • Search for this line - CONFIG["LIBRUBYARG_STATIC"] = "-Wl,-R -Wl,$(libdir) -L$(libdir) -l$(RUBY_SO_NAME)-static" and remove this part - -l$(RUBY_SO_NAME)-static
  • Save the file
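
The edit described in the steps above, as an added shell example that is not part of the original post: it backs up rbconfig.rb, removes only the -l$(RUBY_SO_NAME)-static token from the LIBRUBYARG_STATIC line, and changes nothing on a second run. The function name remove_static_ruby_arg and the .bak backup suffix are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. remove_static_ruby_arg and the
# ".bak" backup suffix are hypothetical names chosen for this example.

remove_static_ruby_arg() {
    file=$1
    # Literal text to drop (single quotes: no shell expansion of $(...)).
    token=' -l$(RUBY_SO_NAME)-static'

    [ -f "$file" ] || { echo "not found: $file" >&2; return 2; }

    # Act only if the LIBRUBYARG_STATIC line still carries the token.
    if ! grep -F 'CONFIG["LIBRUBYARG_STATIC"]' "$file" | grep -qF -e "$token"; then
        echo "already clean, nothing changed: $file" >&2
        return 1
    fi

    # Keep a copy of the original so the edit can be reverted.
    cp -p "$file" "$file.bak" || return 2

    # Rewrite in place from the backup; other lines pass through untouched.
    sed '/CONFIG\["LIBRUBYARG_STATIC"]/s/ -l\$(RUBY_SO_NAME)-static//' \
        "$file.bak" > "$file" || return 2

    # Confirm the token is gone from that line before reporting success.
    if grep -F 'CONFIG["LIBRUBYARG_STATIC"]' "$file" | grep -qF -e "$token"; then
        echo "edit failed, restore from $file.bak" >&2
        return 2
    fi
    echo "patched $file (backup: $file.bak)"
}

# Run against the file given on the command line, if any.
if [ "$#" -gt 0 ]; then
    remove_static_ruby_arg "$1"
fi
```

Pass the rbconfig.rb under the path given in the first step as the only argument; exit status 1 means the line was already clean and no backup was written.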
