Assignment 10

                   cns06  revised: 9/20/06

Assigned: 11/14/06
Due: 6:00pm 12/2/06  

Objective: linux forensics

Points: 22

You will find 11 files (file1 thru file11) in ~dunigan/cns06/forensics/

Your job is to determine what each file is and what it does.
If you find compressed/Zip'd files, uncompress them and continue further
analysis.  Some are executables and may or may not run under linux,
but they should do no harm if you do try to run them.

For each file indicate its type (executable binary, script, data, ...),
what you think it does, and which tools were most helpful.
Also for each file, indicate if you would be suspicious if you found the file
in a user's home directory.

linux tools you can use include: 
   file   nm   ldd  strace   strings  ls   grep   objdump
   gzip  unzip

For a two point bonus, see if you can decipher the bonus file.
Hackers often hide file contents with a simple byte XOR encryption.

Email your answers to me (dunigan@cs.utk.edu).