Cisco is pleased to announce a new addition to the Forensic Investigation Procedures for First Responders collection of documents, which may help customers and partners triage Cisco products that are suspected of being tampered with or compromised. These guides provide step-by-step instructions that first responders can use to assess platform integrity and collect information for forensic analysis.
This new document is available on the Cisco.com Security Portal under Tactical Resources, Responding to a Security Incident.
The following is a summary of the newly released document, along with a brief description.
This document provides steps for assessing the integrity of, and collecting forensic information from, the Cisco ASR5000 and ASR5500 family of platforms, and Quantum Virtual Packet Core (QVPC) virtual machines running Cisco StarOS Software.
This document contains procedures for collecting platform configuration and runtime state, verifying the hash value of the StarOS system image file, gathering core files from important system processes, and collecting non-volatile system information and artifacts, including process lists, installed kernel modules, IP tables, and the system startup script.