Open Access Publications from the University of California

UC Davis

UC Davis Previously Published Works

Forensics For System Administrators

  • Author(s): Peisert, Sean
  • et al.

The term forensic analysis conjures up images of Sherlock Holmes, or scientists adorned with lab coats, hunched over corpses. But in this article, I will lead you through steps that you can take to analyse compromised computer systems. While forensics carries with it legal connotations, requirements for evidence collection, and analysis at a level unattainable by most system administrators, my focus is what you can do without years of experience. In this article, we will walk through a pair of real, recent intrusion examples to help non-professional analysts accomplish common forensic goals.
