Laboratory Report 1 - Linux Image
This assignment revolves around a basic Linux forensic image (20 GB) that can be downloaded from the following link (LinuxTestImage.zip). Once downloaded, I want you to answer the following forensic questions using the tools/techniques that you learned about this week:
1. How many partitions does this forensic image contain, and can you locate the partition for the Linux filesystem?
2. Are there any physical or logical volumes? If so, what are some details you can extract from these?
3. Was this image from a drive in a RAID? If so, what is the RAID type, and how many other drives were in this RAID?
4. What is a Linux-based tool that can be used to list all known files in a Linux image, and how can this be used to locate files relating to the dirtycow exploit?
5. As an added challenge, dig through the forensic image further to see if you can locate any other exploits; feel free to use tools like FTK Imager or Axiom if you would like. What other exploits can you find, and what could they do to the system?

Once you answer all 5 forensic questions, please submit your report in .doc or .docx format. Please also make sure to use the proper reporting format and proper citations if you include any.