Linux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data

An Excerpt from Malware Forensic Field Guide for Linux Systems


  • Cameron Malin, Special Agent with the Federal Bureau of Investigation.
  • Eoghan Casey, BS, MA, Eoghan Casey, cmdLabs, Baltimore, MD, USA
  • James Aquilina, Managing Director and Deputy General Counsel of Stroz Friedberg, LLC

Linux Malware Incident Response is a "first look" at the Malware Forensics Field Guide for Linux Systems, exhibiting the first steps in investigating Linux-based incidents. The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab.
View full description


Designed and written for malware forensics investigators and analysts, law enforcement, and legal professionals.


Book information

  • Published: March 2013
  • Imprint: SYNGRESS
  • ISBN: 978-0-12-409507-6

Table of Contents

Malware Incident Response: A Practitioner’s Guide to Volatile Data Collection and Examination on a Live Linux System
Appendix A: Linux Field Guide Tool Box
Appendix B: Selected Readings
Appendix C: Interview Questions
Appendix D: Pitfalls to Avoid
Appendix E: Live Response Field Notes