List UNIX/Linux system files that are of particular interest to the forensic examiner.

What will be an ideal response?


Binary log files utmp, wtmp, and lastlog. These are typically located in the /var/adm or /var/log directories.

ASCII log files for Web and FTP access.

/etc/syslog.conf. Analysis of this file will provide the location of other log files on the system.

/etc/passwd. This file contains all user accounts and passwords.

/etc/groups.

/etc/hosts. This file contains static DNS entries.

/etc/rc.

/var/cron/log to look for programs scheduled to run. The programs will be located in /var/spool/cron or /usr/spool/cron.

/etc/inetd.conf and /etc/xinetd.conf.

Shell history files, which contain all commands entered within a particular shell.

Computer Science & Information Technology
