A new series of blogs starts with Practical Linux Forensics.
Are you tired of spending your weekends with expensive and over-hyped cybersecurity textbooks, only to find they lack practical insights? We understand your frustration. That’s why TSC is excited to introduce a refreshing alternative: Eliza’s Cyber Security Book Club.
Join our CEO – Eliza-May Austin, a seasoned leader with extensive experience in the field – as she dives into some of the most challenging topics in cyber security. Unlike many books written by authors who simply enjoy writing, Eliza brings her real-world expertise and senior leadership perspective to the table, providing honest and insightful reviews of the texts she has tackled.
In Eliza’s Cyber Security Book Club, you’ll gain valuable perspectives from a true practitioner and leader. So grab a cuppa, get ready to explore cyber security like never before, and embark on a journey through the most critical issues in the field.
WEEK 1: "Practical Linux Forensics - a guide for digital investigators" by Bruce Nikkel
There is a wealth of books on digital forensics available, many focusing on Windows forensics. However, if you need a reliable companion for Linux forensics, “Practical Linux Forensics – a guide for digital investigators” is a solid option.
It’s clearly written by a forensics practitioner with an impressive understanding of Linux systems. Often, Linux forensics is mistakenly seen as something you can apply Windows forensics principles to, with just a few tweaks. This is misleading, as a basic understanding of file system structures highlights the challenges of treating Linux as just another type of Windows-based product for assessment.
“Practical Linux Forensics” is accessible in its delivery; the language is neither overly academic nor too advanced, though it is certainly not basic. For example, it assumes you know what slack space is, but it provides enough detail that you won’t need to look it up afterward. You’ll find commands you can run to extract a system journal, though it won’t break down every part of the output or explain the command structure in detail.
Thus, an understanding of Linux is required, but not of how forensics applies to Linux. That’s the book’s purpose: to teach you that side of Linux.
Rating "Practical Linux Forensics - a guide for digital investigators"
So on a scale of 1 to 5, what do I rate this book?
For what it is — a companion book for sysadmins or Linux practitioners to refresh their knowledge — I’d give it a 5/5!
Although the book was written in 2022, the core principles of Linux file structures and system monitoring remain relevant despite the fast pace of forensics. It’s definitely a title that I think you should check out!
Technical rating: 3/5
Experience rating: 3/5
Seniority required: 1/5

COMING UP NEXT WEEK…
“Digital Forensics With Open Source Tools” by Cory Altheide and Harlan Carvey.