LEARNING MORE

Has this book and/or a few Linux forensics investigations inspired you to learn more? You can never go wrong learning more about the fundamentals. Here is my list of fundamentals every forensics person should know:

Linux – this is the place for doing forensics, even if the subject is not running Linux

Python – this has become the de facto standard for information security people

Shell scripting – sometimes Python is overkill or has too much overhead

Assembly – a good understanding of Assembly helps you understand everything else, because it is what all higher-level code ultimately becomes

What is the best way to learn Linux? Use it. Really use it. Run it every day as your primary operating system. Do not just run a live Linux distribution occasionally. Install Linux on your laptop. You will never learn about Linux administration from a live Linux distribution. Personally, I would stay away from a forensics-specific distribution, like SIFT. You will be much better off in the long run installing a standard version of Linux and then adding your tools. If you are not sure what to use, some member of the Ubuntu family is a good choice as there is a large community to which to turn when you want support. If, after running Linux for a few years, you decide you really want to learn Linux on a deeper level, consider installing Gentoo Linux (http://gentoo.org) on something other than your forensics workstation. Gentoo is a source-based distribution, and installing it can be simultaneously educational and extremely frustrating.

As with Linux, the best way to learn Python is to really use it. There are many books available that claim to teach you Python. The first thing you should realize is that Python can be used as a scripting language or as a programming language. Most of the books available treat Python as a programming language. What I mean by programming language is a language for writing large computer programs (say a word processor or a game). In my opinion, there are other languages that are better suited for such tasks.

To learn Python scripting requires a very hands-on approach. This is exactly what you will find in the Python course at Pentester Academy (http://www.pentesteracademy.com/course?id=1). Some might question this recommendation, given that this book is published by Pentester Academy. I had been recommending this course long before I produced my first video for Pentester Academy, however, and before there was even a notion of this book. Some other good resources include http://learnpythonthehardway.org, http://www.codecademy.com/en/tracks/python, and http://learnpython.org.

As much as I might like Python, there are times when shell scripting is more appropriate. In general, when you primarily want to run existing programs and glue their output together, and do not need to do a lot of calculations or manage complex data structures, a shell script can be a good choice. Some online resources for learning shell scripting include http://linuxcommand.org, http://linuxconfig.org/bashscripting-tutorial, and http://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO.html. Two books on shell scripting that I would recommend are Wicked Cool Shell Scripts by Dave Taylor (2nd edition scheduled for September 2015 publication) and Classic Shell Scripting by Arnold Robbins and Nelson H.F. Beebe. The latter was published in 2005 but is still one of the best books available on this topic.
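As an added illustration of the kind of job the shell is well suited for (this example is not from the book; the function names and the evidence path in the usage comment are assumptions chosen for it), here is a script that builds and later re-checks a SHA-256 manifest of an evidence tree. It does nothing but run existing programs, find, sha256sum, sort and wc, and pipe them together; there is no arithmetic and no data structure to keep, which is exactly where a shell script is shorter and clearer than the Python equivalent.

```shell
#!/bin/sh
# Added example (not from the book): a shell script that only runs existing
# programs -- find, sha256sum, sort, wc -- to build and verify a hash manifest
# of every regular file under a directory. Function names are assumptions
# chosen for this example.

# hash_manifest DIR
# Prints one line per regular file under DIR: "<sha256>  <path>", sorted by
# path with a fixed locale so two runs over the same tree can be compared
# with diff. "-exec ... +" batches files into as few sha256sum invocations
# as possible and runs nothing at all on an empty tree, which the common
# "find ... | xargs sha256sum" idiom gets wrong (it hashes stdin instead).
hash_manifest() {
    dir=${1:?usage: hash_manifest DIR}
    find "$dir" -type f -exec sha256sum {} + | LC_ALL=C sort -k 2
}

# manifest_count DIR
# Number of files the manifest covers; a quick sanity check that the whole
# evidence tree was read before relying on the hashes.
manifest_count() {
    hash_manifest "$1" | wc -l | tr -d ' '
}

# verify_manifest MANIFEST_FILE
# Re-hashes every file listed in MANIFEST_FILE and reports only the files
# whose hash no longer matches; the exit status is non-zero if anything
# changed or is missing. sha256sum -c does all of the work.
verify_manifest() {
    sha256sum -c --quiet "${1:?usage: verify_manifest FILE}"
}

# Stand-alone use (the mount point is an assumption for this example):
#   hash_manifest /mnt/evidence > evidence.sha256
#   verify_manifest evidence.sha256
```

Note that the script never parses the hash lines itself; it leaves that to sha256sum -c, which already knows the format it wrote. As soon as you find yourself wanting to store those hashes in a dictionary and compare them against a second manifest field by field, that is the signal to reach for Python instead.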

Why learn Assembly? A firm grasp of Assembly helps a person understand how computers work at the lowest level. Assembly is to computer science what calculus is to mathematics and physics. Just as knowing calculus allows you to instantly make sense of everything from your high school physics class, learning Assembly will make what goes on behind the scenes with high-level programming languages (C, C++, etc.) crystal clear.

Pentester Academy offers two courses on Assembly and shellcoding. One is for 32-bit systems and the other is for 64-bit operating systems. The 32-bit and 64-bit courses are available at http://www.pentesteracademy.com/course?id=3 and http://www.pentesteracademy.com/course?id=7, respectively. Both of these courses will provide you with a basic understanding of Assembly and go well beyond what has been covered in this book.

If you want to delve deeper into Assembly and explore topics not covered in the Pentester Academy courses mentioned above, you might enjoy Modern X86 Assembly Language Programming by Daniel Kusswurm. This book covers many topics that are not covered by the Pentester Academy courses (as those courses are focused on what is needed for shellcoding and reverse engineering malware). The additional topics include items such as using the floating-point registers and the Advanced Vector Extensions (AVX) found in newer processors.
