Kevin Holvoet · Oct 27, 2014 · 3:56 PM UTC

Kevin Holvoet @digihash

27 Oct 2014

@hal_pomeranz On Brucon you told where to look for anomalies beyond the log files. But I can't remember what exactly that was.

Hal Pomeranz · Oct 27, 2014 · 11:07 PM UTC

Hal Pomeranz · Oct 27, 2014 · 11:07 PM UTC

Hal Pomeranz @hal_pomeranz

27 Oct 2014

Replying to @digihash

@digihash Check out the "Linux Forensics for Non-Linux Folks" talk at deer-run.com/~hal/ - it has a lot of the info you're looking for

Oct 27, 2014 · 11:07 PM UTC