Just a reminder that I’m always on the lookout for compromised Linux images that I can use for labs in my Linux Forensics training! Please RT for reach...thanks!

Do you have guidelines on how potentially sensitive content should be scrubbed from them? This seems hard to do in a way that doesn't defeat the purpose. For example logs of non-attacker activity likely reveal PII.