000 | 04942cam a2200613Ii 4500 | ||
---|---|---|---|
001 | ocn949752822 | ||
003 | OCoLC | ||
005 | 20190328114815.0 | ||
006 | m o d | ||
007 | cr |n||||||||| | ||
008 | 160512s2016 mau o 001 0 eng d | ||
040 |
_aYDXCP _beng _erda _epn _cYDXCP _dOPELS _dOCLCF _dN$T _dCOO _dD6H _dK6U _dDEBSZ _dLIV _dU3W _dOCLCA _dVVB _dEZ9 _dAU@ _dWYU |
||
019 |
_a958083936 _a958392745 |
||
020 |
_a9780128045039 _q(electronic bk.) |
||
020 |
_a0128045035 _q(electronic bk.) |
||
020 | _z012804456X | ||
020 | _z9780128044568 | ||
035 |
_a(OCoLC)949752822 _z(OCoLC)958083936 _z(OCoLC)958392745 |
||
050 | 4 | _aQA76.9.A25 | |
072 | 7 |
_aCOM _x060040 _2bisacsh |
|
072 | 7 |
_aCOM _x043050 _2bisacsh |
|
072 | 7 |
_aCOM _x053000 _2bisacsh |
|
082 | 0 | 4 |
_a005.8 _223 |
100 | 1 |
_aBradley, Jaron, _eauthor. |
|
245 | 1 | 0 |
_aOS X incident response : scripting and analysis / _h[electronic resource] _cJaron Bradley. |
264 | 1 |
_aCambridge, MA : _bSyngress Publishers is an imprint of Elsevier, _c2016. |
|
300 | _a1 online resource. | ||
336 |
_atext _btxt _2rdacontent |
||
337 |
_acomputer _bc _2rdamedia |
||
338 |
_aonline resource _bcr _2rdacarrier |
||
500 | _aIncludes index. | ||
588 | 0 | _aOnline resource; title from PDF title page (ScienceDirect, viewed May 19, 2016). | |
504 | _aIncludes bibliographical references. | ||
520 |
_aWritten for analysts who are looking to expand their understanding of a lesser-known operating system, this book focuses exclusively on OS X attacks, incident response, and forensics, and covers a wide variety of topics, including both the collection and analysis of the forensic pieces found on the OS. -- _cEdited summary from book. |
||
505 | 0 | _aCover; Title Page; Copyright Page; Contents; Acknowledgments ; Chapter 1 -- Introduction; Is there really a threat to OS X?; What is OS X; The XNU Kernel; Digging Deeper; Requirements; Forensically sound versus incident response; Incident Response Process; The Kill Chain; Applying the Killchain; Analysis environment; Malware Scenario; Chapter 2 -- Incident Response Basics; Introduction; Picking a language; Python; Ruby; Bash; Root versus nonroot; Yara; Basic Commands for Every Day Analysis; grep; egrep; cut; awk; sed; sort; uniq; Starting an IR Script; Collection; Analysis; Analysis Scripts. | |
505 | 8 | _aYarafly.sh; Yara Results Sorted and Counted; Conclusion; Chapter 3 -- Bash Commands; Introduction; Basic Bash commands; System Info; date; hostname; uptime; sw_vers; uname (-a); spctl ( -- status); bash -version; Who Info; whoami; who; w; finger (-m); last (); screen (-ls) (-x); User information; id; groups; printenv; dscl . -ls /Users; Process Information; ps (aux); Network Information; ifconfig; netstat (-ru) (-an); lsof (-p ) (-i); smbutil (statshares -a); arp (-a); security dump-trust-settings (-s) (-d); networksetup; System startup; launchctl list; crontab -l; atq; kextstat. | |
505 | 8 | _aAdditional Commands; mdfind (-name) (-onlyin); sysctl (-a); history; security list-keychains; nvram; du -h; diskutil list; Miscellaneous; codesign (-d) (-vv); file; md5; tcpdump; printenv; nettop (-m); DTrace; Bash Environment Variables; Scripting the Collection; Analysis; Conclusion; Chapter 4 -- File System; Introduction; Brief history; HFS+ overview; Volume Header; Allocation File; Catalog File; Attributes B-Tree; Inodes, Timestamps, Permissions, and Ownership; Inodes; Timestamps; Timestamps for Files; Timestamps for Folders; Permissions; Special File Permissions; Directory Permissions. | |
505 | 8 | _aSticky Bit; Extended Attributes; Access Control Lists; Resource Forks; File Types and Traits; OS X Specific File Extensions; .dmg; .kext; .plist; .app; .dylib; .pkg; Mach-O binary; Popular Scripting Languages Found on OS X; File Hierarchy Layout; /Applications; /Library; /System; /Users; /Volumes; /.vol; /bin; /usr; /cores; /sbin; /dev; /etc; /tmp; /private; /var; Miscellaneous Files; Hidden Files and Directories; .DS_Store; .Spotlight-V100; .metadata_never_index; .noindex; File Artifacts; Logs and Rotation; Key File Artifacts. | |
630 | 0 | 0 | _aMac OS. |
630 | 0 | 7 |
_aMac OS. _2fast _0(OCoLC)fst01386304 |
650 | 7 |
_aCOMPUTERS _xSecurity _xOnline Safety & Privacy. _2bisacsh |
|
650 | 7 |
_aCOMPUTERS _xSecurity _xNetworking. _2bisacsh |
|
650 | 7 |
_aCOMPUTERS _xSecurity _xGeneral. _2bisacsh |
|
650 | 0 | _aComputer security. | |
650 | 0 | _aIntrusion detection systems (Computer security) | |
650 | 0 |
_aComputer crimes _xInvestigation. |
|
650 | 7 |
_aComputer crimes _xInvestigation. _2fast _0(OCoLC)fst00872065 |
|
650 | 7 |
_aComputer security. _2fast _0(OCoLC)fst00872484 |
|
650 | 7 |
_aIntrusion detection systems (Computer security) _2fast _0(OCoLC)fst01762593 |
|
655 | 4 | _aElectronic books. | |
655 | 0 | _aElectronic books. | |
776 | 0 | 8 |
_iPrint version: _z012804456X _z9780128044568 _w(OCoLC)944209939 |
856 | 4 | 0 |
_3ScienceDirect _uhttp://www.sciencedirect.com/science/book/9780128044568 |
999 |
_c247331 _d247331 |