Linux anti-forensics techniques:-

1. Data Destruction:- If the culprit has committed a serious crime and is determined not to leave any trace or footprint that could let law enforcement agencies catch him/her, the culprit tries to destroy the data completely. While destroying the data, the culprit chooses wiping techniques carefully and applies them efficiently so that no clue is left, and also takes care of the log files so that no record remains of the recent activities he/she performed.
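From the examiner's side, the log tampering described above usually leaves its own traces: entries that are missing for a stretch of time, or lines whose timestamps run backwards after an edit. The following script is an added example (not part of the original post) that scans constructed syslog-style lines for exactly those signs. The sample log, the assumed year and the 90-minute gap threshold are all constructed for the illustration.

```python
"""Detect signs of log tampering: large time gaps and out-of-order entries.

Added defensive example; it examines constructed syslog-style lines and
reports anomalies a forensic examiner would want to review. The sample
log, the assumed year and the gap threshold are assumptions, not taken
from the original post.
"""
from datetime import datetime, timedelta

# Constructed sample: hourly cron lines stop for more than two hours and
# the last line carries a timestamp earlier than the one before it,
# both typical of a log that has been trimmed or hand-edited.
SAMPLE_LOG = """\
Mar 10 09:00:01 host CRON[1201]: (root) CMD (run-parts /etc/cron.hourly)
Mar 10 09:05:12 host sshd[1302]: Accepted publickey for alice from 10.0.0.5 port 50122 ssh2
Mar 10 09:06:40 host sudo: alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Mar 10 11:30:02 host CRON[1401]: (root) CMD (run-parts /etc/cron.hourly)
Mar 10 11:20:00 host sshd[1502]: Disconnected from user alice 10.0.0.5 port 50122
"""

YEAR = 2024  # syslog lines carry no year; assumed here so they can be parsed


def parse_ts(line):
    """Return a datetime from the leading 'Mon DD HH:MM:SS' of a syslog line."""
    return datetime.strptime(f"{YEAR} {line[:15]}", "%Y %b %d %H:%M:%S")


def find_anomalies(text, max_gap=timedelta(minutes=90)):
    """Return a list of (kind, line_no, detail) tuples.

    kind is one of:
      'gap'          - more than max_gap elapsed since the previous entry
      'out_of_order' - timestamp earlier than the previous entry
      'unparseable'  - line does not start with a syslog timestamp
    """
    anomalies = []
    prev = None
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            ts = parse_ts(line)
        except ValueError:
            anomalies.append(("unparseable", n, line))
            continue
        if prev is not None:
            delta = ts - prev
            if delta < timedelta(0):
                anomalies.append(("out_of_order", n, str(delta)))
            elif delta > max_gap:
                anomalies.append(("gap", n, str(delta)))
        prev = ts
    return anomalies


if __name__ == "__main__":
    for kind, line_no, detail in find_anomalies(SAMPLE_LOG):
        print(f"line {line_no}: {kind} ({detail})")
```

On a real system the same check is more reliable when the log is compared against a copy shipped to a remote collector, since a gap in the local file that is absent from the remote copy is direct evidence of local tampering rather than of a quiet period.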

2. Physical Destruction:- If the culprit is not able to destroy the data digitally on the computer that was used to perform the illegal activity, he/she tries to destroy it physically, e.g. by cracking open the hard disk or by applying a high-voltage electric supply so that the disk burns out on its own and no evidence remains. Beyond these, there are many more techniques by which one can destroy the data.

3. Evidence Hiding:-

This method is used both by cyber criminals and by law enforcement agencies: law enforcement agencies use it to hide data that is confidential, whereas a cyber criminal hides data to make it undetectable, or in other words to distract the forensic examiner, by encrypting the data into normal-looking files such as images, PDFs, etc.
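A common way of "hiding data inside a normal file" is to append an encrypted blob after the point where the image format says the file ends; viewers ignore the extra bytes. The example below is added here and is not code from the original post: it walks the chunk structure of a PNG, finds the true end of the image (the IEND chunk), and reports any trailing bytes together with their Shannon entropy, which is close to 8 bits per byte for encrypted or compressed data. The minimal PNG and the appended payload are constructed in memory for the demonstration.

```python
"""Detect a payload appended after the structural end of a PNG file.

Added defensive example, not from the original post: the PNG is parsed
chunk by chunk to locate IEND, and bytes beyond it are reported with
their entropy. The sample image and payload are constructed here.
"""
import math
import struct
import zlib
from collections import Counter

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def png_chunk(ctype, payload=b""):
    """Build one PNG chunk: 4-byte length, type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)


def build_png():
    """Return a minimal, structurally valid 1x1 greyscale PNG (constructed sample)."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)  # width, height, depth, colour type...
    idat = zlib.compress(b"\x00\x00")  # one scanline: filter byte + one grey pixel
    return PNG_SIG + png_chunk(b"IHDR", ihdr) + png_chunk(b"IDAT", idat) + png_chunk(b"IEND")


def png_end_offset(data):
    """Walk the chunks and return the offset just past IEND, or None if malformed."""
    if not data.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        ctype = data[pos + 4:pos + 8]
        pos += 8 + length + 4  # header + payload + CRC
        if ctype == b"IEND":
            return pos
    return None  # ran off the end without seeing IEND


def entropy(b):
    """Shannon entropy in bits per byte (0.0 for empty input, max 8.0)."""
    if not b:
        return 0.0
    n = len(b)
    return -sum(c / n * math.log2(c / n) for c in Counter(b).values())


def trailing_payload(data):
    """Return (trailing_bytes, entropy); (b'', 0.0) when nothing follows IEND."""
    end = png_end_offset(data)
    if end is None:
        return b"", 0.0
    trailing = data[end:]
    return trailing, entropy(trailing)


if __name__ == "__main__":
    clean = build_png()
    suspect = clean + bytes(range(256))  # constructed stand-in for an encrypted blob
    for name, img in (("clean", clean), ("suspect", suspect)):
        tail, ent = trailing_payload(img)
        print(f"{name}: {len(tail)} trailing bytes, entropy {ent:.2f} bits/byte")
```

The same idea applies to other container formats, but each needs its own end-of-file logic: a JPEG cannot simply be cut at the last FF D9 marker, because EXIF thumbnails embed a complete inner JPEG with its own end marker, so the segments have to be walked up to the scan data first.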

4. Erasing the source:- This is the most basic method and can be carried out easily by a cyber criminal; it is a very easy and efficient approach, or in other words a method that leaves zero traces of previous records. It is done by formatting the disk or drive, which destroys the data completely.

5. Linux anti-forensics technique usage workflow for law enforcement and cyber criminals

Hope this post is informational.
