Join Amazon Prime and get unlimited Free One-Day Delivery. Already a member? Sign in.
Perfect Partner
Customers Who Bought This Item Also Bought
File System Forensic Analysis by Brian Carrier
£21.59
|
Real Digital Forensics: Computer Security and Incident Response by Keith J. Jones  (1)
£23.39
|
Windows Forensics and Incident Recovery by Harlan Carvey
£30.39
|
Windows Forensic Analysis DVD Toolkit with DVD: DVD Toolkit by Harlan Carvey (1)
£31.34
|
Digital Evidence and Computer Crime by Eoghan Casey  (1)
£47.49
|
Product details
Would you like to update product info or give feedback on images?
|
| Customers Viewing This Page May Be Interested in These Sponsored Links (What is this?) |
Forensic Science at NTU
www.ntu.ac.uk
Want to study Forensic Science? Take a look at our science courses
Crime & Justice Institute
www.port.ac.uk/icjs-courses
Postgraduate study at Portsmouth Distance and University courses
Forensic Courses
www.AcfeI.com
Forensics Science Education Online Courses for Forensics
Product Description
Synopsis
Forensic computing is gathering and analyzing data in a manner as free from distortion as possible to reconstruct data or what has happened in the past on a system. Many of the tools presented in this book were developed and used first by the authors. This is the book by the people who wrote the original versions of forensic tools that are now widely used. The thrust of the book deals with the collection and use of computer evidence to apprehend the hacker and, once apprehended, to either prosecute or defend. The majority of examples are from Solaris, FreeBSD, and Linux systems, Microsoft's Windows shows up as well.
From the Back Cover
"Don't look now, but your fingerprints are all over the cover of this book. Simply picking it up off the shelf to read the cover has left a trail of evidence that you were here.
"If you think book covers are bad, computers are worse. Every time you use a computer, you leave elephant-sized tracks all over it. As Dan and Wietse show, even people trying to be sneaky leave evidence all over, sometimes in surprising places.
"This book is about computer archeology. It's about finding out what might have been based on what is left behind. So pick up a tool and dig in. There's plenty to learn from these masters of computer security."
--Gary McGraw, Ph.D., CTO, Cigital, coauthor of Exploiting Software and Building Secure Software
"A wonderful book. Beyond its obvious uses, it also teaches a great deal about operating system internals."
--Steve Bellovin, coauthor of Firewalls and Internet Security, Second Edition, and Columbia University professor
"A must-have reference book for anyone doing computer forensics. Dan and Wietse have done an excellent job of taking the guesswork out of a difficult topic."
--Brad Powell, chief security architect, Sun Microsystems, Inc.
"Farmer and Venema provide the essential guide to 'fossil' data. Not only do they clearly describe what you can find during a forensic investigation, they also provide research found nowhere else about how long data remains on disk and in memory. If you ever expect to look at an exploited system, I highly recommend reading this book."
--Rik Farrow, Consultant, author of Internet Security for Home and Office
"Farmer and Venema do for digital archaeology what Indiana Jones did for historical archaeology. Forensic Discovery unearths hidden treasures in enlightening and entertaining ways, showing how a time-centric approach to computer forensics reveals even the cleverest intruder."
--Richard Bejtlich, technical director, ManTech CFIA, and author of The Tao of Network Security Monitoring
"Farmer and Venema are 'hackers' of the old school- They delight in understanding computers at every level and finding new ways to apply existing information and tools to the solution of complex problems."
--Muffy Barkocy, Senior Web Developer, Shopping.com
"This book presents digital forensics from a unique perspective because it examines the systems that create digital evidence in addition to the techniques used to find it. I would recommend this book to anyone interested in learning more about digital evidence from UNIX systems."
--Brian Carrier, digital forensics researcher, and author of File System Forensic AnalysisThe Definitive Guide to Computer Forensics- Theory and Hands-On Practice
Computer forensics--the art and science of gathering and analyzing digital evidence, reconstructing data and attacks, and tracking perpetrators--is becoming ever more important as IT and law enforcement professionals face an epidemic in computer crime. In Forensic Discovery, two internationally recognized experts present a thorough and realistic guide to the subject.
Dan Farmer and Wietse Venema cover both theory and hands-on practice, introducing a powerful approach that can often recover evidence considered lost forever.
The authors draw on their extensive firsthand experience to cover everything from file systems, to memory and kernel hacks, to malware. They expose a wide variety of computer forensics myths that often stand in the way of success. Readers will find extensive examples from Solaris, FreeBSD, Linux, and Microsoft Windows, as well as practical guidance for writing one's own forensic tools. The authors are singularly well-qualified to write this book- They personally created some of the most popular security tools ever written, from the legendary SATAN network scanner to the powerful Coroner's Toolkit for analyzing UNIX break-ins.
After reading this book you will be able to
Understand essential forensics concepts- volatility, layering, and trust
Gather the maximum amount of reliable evidence from a running system
Recover partially destroyed information--and make sense of it
Timeline your system- understand what really happened when
Uncover secret changes to everything from system utilities to kernel modules
Avoid cover-ups and evidence traps set by intruders
Identify the digital footprints associated with suspicious activity
Understand file systems from a forensic analyst's point of view
Analyze malware--without giving it a chance to escape
Capture and examine the contents of main memory on running systems
Walk through the unraveling of an intrusion, one step at a time
The book's companion Web site contains complete source and binary code for open source software discussed in the book, plus additional computer forensics case studies and resource links.
See all Product Description
Forensic computing is gathering and analyzing data in a manner as free from distortion as possible to reconstruct data or what has happened in the past on a system. Many of the tools presented in this book were developed and used first by the authors. This is the book by the people who wrote the original versions of forensic tools that are now widely used. The thrust of the book deals with the collection and use of computer evidence to apprehend the hacker and, once apprehended, to either prosecute or defend. The majority of examples are from Solaris, FreeBSD, and Linux systems, Microsoft's Windows shows up as well.
From the Back Cover
"Don't look now, but your fingerprints are all over the cover of this book. Simply picking it up off the shelf to read the cover has left a trail of evidence that you were here.
"If you think book covers are bad, computers are worse. Every time you use a computer, you leave elephant-sized tracks all over it. As Dan and Wietse show, even people trying to be sneaky leave evidence all over, sometimes in surprising places.
"This book is about computer archeology. It's about finding out what might have been based on what is left behind. So pick up a tool and dig in. There's plenty to learn from these masters of computer security."
--Gary McGraw, Ph.D., CTO, Cigital, coauthor of Exploiting Software and Building Secure Software
"A wonderful book. Beyond its obvious uses, it also teaches a great deal about operating system internals."
--Steve Bellovin, coauthor of Firewalls and Internet Security, Second Edition, and Columbia University professor
"A must-have reference book for anyone doing computer forensics. Dan and Wietse have done an excellent job of taking the guesswork out of a difficult topic."
--Brad Powell, chief security architect, Sun Microsystems, Inc.
"Farmer and Venema provide the essential guide to 'fossil' data. Not only do they clearly describe what you can find during a forensic investigation, they also provide research found nowhere else about how long data remains on disk and in memory. If you ever expect to look at an exploited system, I highly recommend reading this book."
--Rik Farrow, Consultant, author of Internet Security for Home and Office
"Farmer and Venema do for digital archaeology what Indiana Jones did for historical archaeology. Forensic Discovery unearths hidden treasures in enlightening and entertaining ways, showing how a time-centric approach to computer forensics reveals even the cleverest intruder."
--Richard Bejtlich, technical director, ManTech CFIA, and author of The Tao of Network Security Monitoring
"Farmer and Venema are 'hackers' of the old school- They delight in understanding computers at every level and finding new ways to apply existing information and tools to the solution of complex problems."
--Muffy Barkocy, Senior Web Developer, Shopping.com
"This book presents digital forensics from a unique perspective because it examines the systems that create digital evidence in addition to the techniques used to find it. I would recommend this book to anyone interested in learning more about digital evidence from UNIX systems."
--Brian Carrier, digital forensics researcher, and author of File System Forensic AnalysisThe Definitive Guide to Computer Forensics- Theory and Hands-On Practice
Computer forensics--the art and science of gathering and analyzing digital evidence, reconstructing data and attacks, and tracking perpetrators--is becoming ever more important as IT and law enforcement professionals face an epidemic in computer crime. In Forensic Discovery, two internationally recognized experts present a thorough and realistic guide to the subject.
Dan Farmer and Wietse Venema cover both theory and hands-on practice, introducing a powerful approach that can often recover evidence considered lost forever.
The authors draw on their extensive firsthand experience to cover everything from file systems, to memory and kernel hacks, to malware. They expose a wide variety of computer forensics myths that often stand in the way of success. Readers will find extensive examples from Solaris, FreeBSD, Linux, and Microsoft Windows, as well as practical guidance for writing one's own forensic tools. The authors are singularly well-qualified to write this book- They personally created some of the most popular security tools ever written, from the legendary SATAN network scanner to the powerful Coroner's Toolkit for analyzing UNIX break-ins.
After reading this book you will be able to
Understand essential forensics concepts- volatility, layering, and trust
Gather the maximum amount of reliable evidence from a running system
Recover partially destroyed information--and make sense of it
Timeline your system- understand what really happened when
Uncover secret changes to everything from system utilities to kernel modules
Avoid cover-ups and evidence traps set by intruders
Identify the digital footprints associated with suspicious activity
Understand file systems from a forensic analyst's point of view
Analyze malware--without giving it a chance to escape
Capture and examine the contents of main memory on running systems
Walk through the unraveling of an intrusion, one step at a time
The book's companion Web site contains complete source and binary code for open source software discussed in the book, plus additional computer forensics case studies and resource links.
See all Product Description