To invisibly maintain access to a machine, an attacker utilizes a rootkit that sits undetected in the core components of the operating system. What is this type of rootkit an example of?

Option 1: Firmware rootkit
Option 2: Hardware rootkit
Option 3: Hypervisor rootkit
Option 4: Kernel rootkit

1. Firmware rootkit: A firmware rootkit uses device or platform firmware to form a persistent malware image in hardware, like a router, …

Linux Forensics

Linux forensics refers to performing a forensic investigation on a device running Linux. To do so, investigators should have a good understanding of the techniques required to conduct live analysis and to collect volatile and non-volatile data, along with knowledge of the various shell commands and the information they can retrieve. Investigators should also be familiar with the Linux log files and their storage location in the directory tree, as they are the most important sources of information …

What is Memory Dump?

A memory dump, or crash dump, is a storage space where the system stores a backup of memory in case of a system failure. The system also creates a memory dump when it does not have enough memory for system operation. This backup enables users to examine the cause of the system crash and helps to identify errors in applications or in the operating system. On Windows systems it is also known as the blue screen …

Learn All About Linux File Systems

This blog post explains the Linux file system architecture, the Filesystem Hierarchy Standard (FHS), the Extended File System (EXT), the Second Extended File System (EXT2), etc. Linux uses different file systems to store data. As investigators may encounter attack sources or victim systems running on Linux, they should have comprehensive knowledge of the storage methods it employs. The following section …

What is the Booting Process?

Booting is the process of starting or resetting the computer when the user turns the system on. The process includes getting both the hardware and software ready and running. There are two types of booting. Cold booting is the process that happens when the computer is first turned on; also called a hard boot, it happens when the user completely cuts the power supply to the system. Warm booting is the process that happens when we reset the …