

Welcome to the first post in the “Know Your Tools” series! Have you ever wondered if/how *nix command line utilities may differ across distributions? Perhaps it never even occurred to you that there was even a possibility the tools were any different. How and why could/would they possibly differ? I mean, they’re basic command line tools. Well, I’m here to say… thy basic command line utilities art not the same across different distributions. And the differences range from those that cause a simple nuisance to those that cause oversight of critical data.

Rather than going into aspects of this discussion that have already been covered, such as how Linux and BSD generally differ, I would instead like to focus on a few core utilities commonly used in/for DFIR artifact analysis and some caveats that may cause you some headache or even prevent you from getting the full set of results you’d expect.
