There's Gold in Them Thar Package Management Database

There is a lot of useful file metadata stored in package management databases for popular Linux distributions. The RedHat Package Manager (RPM) and Debian's dpkg are two examples. In this podcast, the speaker focus on how to leverage RPM in forensic investigations, as it can provide a quick and effective way to find changed files that warrant more in-depth analysis.

Provided by: Topic: Software Date Added: Jan 2014 Format: Podcast

Find By Topic