Chapter 13 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. . Investigating Computer Intrusion
Jan 04, 2016
Chapter 13
©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
. Investigating Computer Intrusions
Figure 1.1
Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
FIGURE 13.1 Use of the nmap scanning tool to obtain information about what services are running on a remote computer.
Figure 1.1
Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
FIGURE 13.2 Metasploit being used to exploit a vulnerability on a remote Windows computer.
Figure 1.1
Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
FIGURE 13.3 Directory listing obtained from a remote system after gaining remote access via a vulnerability exploited using Metasploit.
Figure 1.1
Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
FIGURE 13.4 Listing showing details about processes running on a Windows system.
Figure 1.1
Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
FIGURE 13.5 Order of volatility.
Figure 1.1
Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
FIGURE 13.6 Unusual process viewed using Alt-Ctrl-Del.
Figure 1.1
Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
FIGURE 13.7 EnCase used to analyze Linux system showing rootkit installations script.