Computer Forensics: Incident Response Essentials

by Warren G. Kruse, Jay G. Heiser
     
 


ISBN-10: 0201707195

ISBN-13: 9780201707199

Pub. Date: 09/28/2001

Publisher: Addison-Wesley


Overview

Every computer crime leaves tracks—you just have to know where to find them. This book shows you how to collect and analyze the digital evidence left behind in a digital crime scene.

Computers have always been susceptible to unwanted intrusions, but as the sophistication of computer technology increases so does the need to anticipate, and safeguard against, a corresponding rise in computer-related criminal activity.

Computer forensics, the newest branch of computer security, focuses on the aftermath of a computer security incident. The goal of computer forensics is to conduct a structured investigation to determine exactly what happened and who was responsible, and to perform the investigation in such a way that the results are useful in a criminal proceeding.

Written by two experts in digital investigation, Computer Forensics provides extensive information on how to handle the computer as evidence. Kruse and Heiser walk the reader through the complete forensics process—from the initial collection of evidence through the final report. Topics include an overview of the forensic relevance of encryption, the examination of digital evidence for clues, and the most effective way to present your evidence and conclusions in court. Unique forensic issues associated with both the Unix and the Windows NT/2000 operating systems are thoroughly covered.

This book provides a detailed methodology for collecting, preserving, and effectively using evidence by addressing the three A's of computer forensics:

  • Acquire the evidence without altering or damaging the original data.
  • Authenticate that your recorded evidence is the same as the original seized data.
  • Analyze the data without modifying the recovered data.

Computer Forensics is written for everyone who is responsible for investigating digital criminal incidents or who may be interested in the techniques that such investigators use. It is equally helpful to those investigating hacked web servers, and those who are investigating the source of illegal pornography.


Product Details

ISBN-13: 9780201707199

Publisher: Addison-Wesley

Publication date: 09/28/2001

Pages: 416

Product dimensions: 7.40(w) x 9.10(h) x 0.87(d)

Table of Contents

Preface.

Acknowledgments.

1. Introduction to Computer Forensics.

2. Tracking an Offender.

3. The Basics of Hard Drives and Storage.

4. Encryption and Forensics.

5. Data Hiding.

6. Hostile Code.

7. Your Electronic Toolkit.

8. Investigating Windows Computers.

9. Introduction to Unix for Forensic Examiners.

10. Compromising a Unix Host.

11. Investigating a Unix Host.

12. Introduction to the Criminal Justice System.

13. Conclusion.

Appendix A. Internet Data Center Response Plan.

Appendix B. Incident Response Triage Questionnaire.

Appendix C. How to Become a Unix Guru.

Appendix D. Exporting a Windows 2000 Personal Certificate.

Appendix E. How to Crowbar Unix Hosts.

Appendix F. Creating a Linux Boot CD.

Appendix G. Contents of a Forensic CD.

Annotated Bibliography.

Index.

Customer Reviews


Computer Forensics: Incident Response Essentials 3.5 out of 5 based on 0 ratings. 4 reviews.
Anonymous More than 1 year ago
The little ginger cat with green eyes and a twisted fore paw padded up to the beginning of the trees. "I really hope the group of cats exists. If they don't, I'll have to go back to my housefolk. I don't like the vet, and they'll most surely take me to the Cutter!" She continued to walk, the foliage thickening.
Anonymous More than 1 year ago
Looked around feeling uncomfortable with less trees. He quickly made a scent and chased a rabbit as far as he could before moving on
Anonymous More than 1 year ago
Here is where the forest ends. You will notice it by the trees starting to thin, and the undergrowth replaced by grasses. Some rabbits are here, but they are hard to catch, and if they cross the border, you cannot follow them. Eventually, the trees will be gone completely, and then, you have come to the edge of our territory. The scent-marker must be laid daily here. ~$ilverstar
Guest More than 1 year ago
This is one of the best primers on Computer Forensics out there. It is comprehensive, covers in enough depth to be useful, and is practical in its use. I would recommend this book to anyone interested in getting started in Forensics. The only negative is the dating - this would be better if it were