Examining the art of computer forensics
A Last Resort
If you are considering running binutils tools – for example, to extract the symbol table (with <nm), or even disassemble the machine code (objdump might help) – your mileage will vary. Usually, this technique is a last resort.
Conclusion
The simple strategies we've described might help you catch a thief in the act, but if the intruder is a seasoned professional, or if you need to worry about maintaining a formal, documented process for collecting evidence, you'll need something more.
Read on for more about the tools and techniques of computer forensics.
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)