https://securitycommunity.tcs.com/infosecsoapbox/articles/2015/11/17/forensic-artifacts-linux-machine
http://www.linuxleo.com/Docs/linuxintro-LEFE-4.31.pdf
https://help.ubuntu.com/community/LinuxLogFiles
http://linux.vbird.org/linux_basic/0570syslog/0570syslog.php
==========================================
audit
http://yishidian.net/如何使用linux審核系統在centos-7
https://serverfault.com/questions/327846/convert-selinux-log-date-format-from-epoch-to-normal
==========================================
system log
https://www.cyut.edu.tw/~ywfan/netlab/20060912chapter11-log.htm
http://linux.vbird.org/linux_basic/0570syslog.php
====================================================
nginx log
https://stackoverflow.com/questions/26780466/nginx-understanding-access-log-column
# nginx.conf
# "combined" is nginx's predefined access log format, shown here for reference
http {
    # ...
    log_format combined '$remote_addr - $remote_user [$time_local] '
                        '"$request" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent"';
}
example
66.249.65.159 - - [06/Nov/2014:19:10:38 +0600] "GET /news/53f8d72920ba2744fe873ebc.html HTTP/1.1" 404 177 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.65.3 - - [06/Nov/2014:19:11:24 +0600] "GET /?q=%E0%A6%AB%E0%A6%BE%E0%A7%9F%E0%A6%BE%E0%A6%B0 HTTP/1.1" 200 4223 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.65.62 - - [06/Nov/2014:19:12:14 +0600] "GET /?q=%E0%A6%A6%E0%A7%8B%E0%A7%9F%E0%A6%BE HTTP/1.1" 200 4356 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
=================== maillog reading method =================
https://sendgrid.com/blog/delivered-bounced-blocked-and-deferred-emails-what-does-it-all-mean/
=====================understanding reading mail log ============
http://linuxmaza.blogspot.tw/2010/02/understanding-and-reading-mail-logs.html
==================bash introduction ==========================
https://beginlinux.wordpress.com/tag/bash_logout/
===================== Browser history on Linux machine ==== Chrome and Firefox
https://askubuntu.com/questions/631631/getting-internet-browsing-history-from-shell