Howdy While it's not directly related to your query you may find these posts interesting:
http://lorgor.blogspot.com/2010/11/volatility-mem-forensics-iiiusing.html http://lorgor.blogspot.com/2010/11/volatility-memory-forensics-iiusing.html http://dfsforensics.blogspot.com/2011/03/bringing-linux-support-to-volatility.html There were a couple of interesting posts from SANS on the OS X side of things here: http://computer-forensics.sans.org/blog/2011/02/04/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-2 http://computer-forensics.sans.org/blog/2011/01/28/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-1 And the latest challenge from the HoneyNet project will give you ample chances to practice.. http://honeynet.org/challenges/2011_7_compromised_server As for books, I'm still looking myself. Mostly I just read blog posts and try and practice as much as I can. I hope this helps... Matt Erasmus // <[email protected]> // @mattdoterasmus (keep calm and carry on) _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
