Question
Please answer all three questions for thumbs up
a) Assume that we alter the grep command to search the /var/log/messages file for the IP address 5.79.11.202. For example:
What type of network forensic evidence can we discover about IP address 5.79.11.202 from the preceding grep example?
d)
Linux will store DNS network forensic evidence in the /var/log/messages file. Since Linux stores a lot of evidence, the grep command is used to filter the message log and will search for www.reddit.com.
The following is a sample of one DNS forward lookup.
Describe and explain the network forensic evidence for each field of this entry using the following table
c) Why is it important to periodically monitor and provide a baseline of the top 5000 domain names being accessed by your organization?
# grep 5.79.11.202 /var/log/messages
1457131141.172359||192.168.75.45||192.168.75.1||IN||dcs.cb.philips.com.||A||5.79.11.202||9101||1
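An added example (not part of the question or any posted answer): it assumes the entry above follows the `||`-delimited passivedns record layout (timestamp, client, DNS server, RR class, query, query type, answer, TTL, count), parses such lines, filters on an IP the way the grep does, and builds the top-N domain baseline that part c) asks about. All log lines other than the one from the question are constructed.

```python
# Added example: parse ||-delimited passive-DNS records (layout assumed to be
# passivedns's), filter by resolved IP, summarise the evidence, build a baseline.
from collections import Counter

FIELDS = ("timestamp", "client", "server", "rr_class", "query",
          "query_type", "answer", "ttl", "count")

# Constructed sample: the entry from the question plus made-up lines
# (TEST-NET addresses) so the baseline has something to count.
SAMPLE_LOG = """\
1457131141.172359||192.168.75.45||192.168.75.1||IN||dcs.cb.philips.com.||A||5.79.11.202||9101||1
1457131150.001000||192.168.75.45||192.168.75.1||IN||www.reddit.com.||A||203.0.113.10||300||4
1457131160.500000||192.168.75.46||192.168.75.1||IN||www.reddit.com.||A||203.0.113.11||300||2
1457131170.250000||192.168.75.47||192.168.75.1||IN||dcs.cb.philips.com.||A||5.79.11.202||9101||1
"""

def parse_entry(line):
    """Split one record into named fields; return None if the line is malformed."""
    parts = line.rstrip("\n").split("||")
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    rec["ttl"] = int(rec["ttl"])
    rec["count"] = int(rec["count"])
    return rec

def find_ip(log_text, ip):
    """Like `grep <ip>`, but matching the answer field exactly, so the dots in
    the IP are not treated as regex wildcards and hits are only real answers."""
    return [r for r in map(parse_entry, log_text.splitlines())
            if r and r["answer"] == ip]

def evidence(rec):
    """One-line summary of what the record tells an investigator."""
    return (f"at {rec['timestamp']} client {rec['client']} asked DNS server "
            f"{rec['server']} for the {rec['query_type']} record of "
            f"{rec['query']} and got {rec['answer']} "
            f"(TTL {rec['ttl']}s, seen {rec['count']}x)")

def top_domains(log_text, n=5000):
    """Baseline: most-queried names weighted by count, for later comparison."""
    tally = Counter()
    for r in map(parse_entry, log_text.splitlines()):
        if r:
            tally[r["query"]] += r["count"]
    return tally.most_common(n)
```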