SUMMARY

In this chapter we have introduced the most commonly used Volatility commands for incident response on a Linux system. We saw that many of these commands returned no additional information about the attack on PFE’s computer. In the next chapter we will discuss how this situation changes when the attacker uses some more advanced techniques than those employed in the PFE hack.

CHAPTER

9