There's Gold in Them Thar Package Management Database

Provided by: SecurityTube.net Topic: Software Format: Podcast
There is a lot of useful file metadata stored in package management databases for popular Linux distributions. The RedHat Package Manager (RPM) and Debian's dpkg are two examples. In this podcast, the speaker focus on how to leverage RPM in forensic investigations, as it can provide a quick and effective way to find changed files that warrant more in-depth analysis.

Find By Topic