Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Linux-Forensic-Checklist
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
6
Issues
6
List
Boards
Labels
Service Desk
Milestones
Merge Requests
1
Merge Requests
1
Operations
Operations
Incidents
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
KIT-CERT
Linux-Forensic-Checklist
Commits
60798e18
Commit
60798e18
authored
May 11, 2016
by
heiko.reese
💤
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Finally fixed all the iptables-bugs.
parent
14a9e7d5
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
2 additions
and
2 deletions
+2
-2
Linux-Forensics-Checklist.md
Linux-Forensics-Checklist.md
+2
-2
No files found.
Linux-Forensics-Checklist.md
View file @
60798e18
...
...
@@ -153,7 +153,7 @@ done
Capture iptable's state:
```
sh
# --verbose --numeric --exact --list --table
for
table
in
filter nat mangle raw
;
do
iptables
-v
-n
-x
-L
-t
>
iptables_vnxL_t
${
t
}
.txt
;
done
for
table
in
filter nat mangle raw
;
do
iptables
-v
-n
-x
-L
-t
${
table
}
>
iptables_vnxL_t
${
table
}
.txt
;
done
for
table
in
filter mangle raw
;
do
ip6tables
-n
-t
${
table
}
-L
-v
-x
>
ip6tables_nt_
${
table
}
.txt
;
done
for
table
in
filter nat broute
;
do
ebtables
-L
--Lmac2
--Lc
-t
${
table
}
>
ebtables_L_Lmac_Lc_t_
${
table
}
.txt
;
done
```
...
...
@@ -290,7 +290,7 @@ available for Linux at the time of writing.
Check for shared memory segments:
```
sh
# look for /dev/shms
less /proc/
${
PID
}
/map
cat
/proc/
${
PID
}
/maps
```
Save some more state information about the process. The available data in the
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment