Hacking Exposed Computer Forensics: Computer Forensics Secrets & Solutions: Computer Forensics Secrets and Solutions Paperback – 1 Dec 2004
There is a newer edition of this item:
Enter your mobile number below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
Getting the download link through email is temporarily not available. Please check back later.
To get the free app, enter your mobile phone number.
From the Back Cover
Learn the secrets and strategies for investigating computer crime
Investigate computer crime, corporate malfeasance, and hacker break-ins quickly and effectively with help from this practical and comprehensive resource. You’ll get expert information on crucial procedures to prosecute violators successfully while avoiding the pitfalls of illicit searches, privacy violations, and illegally obtained evidence. It’s all here--from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits. Plus, you’ll get in-depth coverage of the latest PDA and cell phone investigation techniques and real-world case studies.
Digital sleuthing techniques that will withstand judicial scrutiny
Inside, you’ll learn to:
- Plan and prepare for all stages of an investigation using the proven Hacking Exposed methodology
- Work with and store evidence in a properly configured forensic lab
- Deploy an effective case management strategy to collect material, document findings, and archive results
- Covertly investigate, triage, and work with remote data across the network
- Recover partitions, INFO records, and deleted, wiped, and hidden files
- Acquire, authenticate, and analyze evidence from Windows, UNIX, and Macintosh systems using the latest hardware and software tools
- Use forensic tools to uncover obscured code, file mismatches, and invalid signatures
- Extract client and Web-based email artifacts using Email Examiner, EnCase, Forensic Toolkit, and open source tools
- Handle enterprise storage like RAIDs, SANs, NAS, and tape backup libraries
- Recover vital data from handheld devices such as PDAs and cell phones
About the Authors: Chris Davis, CISSP, is a Computer Forensics Examiner for Texas Instruments. He has trained and presented at Black Hat, ISSA, CISA, ConSecWest, McCombs School of Business, PlanetPDA, and 3GSM World Congress.
Aaron Philipp, CISSP, is the co-founder of Affect Consulting. He has taught classes at Black Hat, McCombs School of Business - UT Austin, and various military organizations.
Dave Cowen, CISSP, Senior Consultant at Fios, has extensive experience in security research, application security testing, penetration testing, and computer forensic analysis. He is an expert witness and a regular speaker on computer forensics.
About the Author
Chris Davis, (Carrollton, TX) CISSP, is a Computer Forensics Examiner for Texas Instruments.
Aaron Philipp, (Austin, TX) CISSP, has extensive experience in the field of Forensics.
Dave Cowen, (Richardson, TX) CISSP, has extensive experience and training in security research, application security testing, penetration testing and computer forensic analysis in both computer and telecommunications systems and software.
Top Customer Reviews
After the first couple of chapters (good overviews of forensics process and computer hardware) this book seems to focus very heavily on the legal implications of computer forensics, and not the technical aspects. The legal focus is on the USA judicial system. The technical recommendations all seem to be focused around buying one piece of software, Encase, which is drummed into you on nearly every page.
As for the sub-title, 'Secrets & Solutions', there is very little to try at home or even in a basic test lab.
Also, the item description states that there is a CD-ROM in this book. There isn't.
Most Helpful Customer Reviews on Amazon.com (beta)
The book does a good job of filling you in with the background technical details as well as providing practical knowledge you can use on a day to day basis. In addition to serving as an accesible introduction to both the technical and legal sides of computer forensics, the book is a useful reference with many clear, detailed examples.
The computer side of the book offered advice on working with Windows, Linux, and Macintosh systems. I especially appreciated the section on Macs. Having worked primarily with Linux and Windows, I found the Mac details to be extremely interesting.
While I have not had to deal with the legal side of computer forensics, I found the legal sections to be interesting reading.
I would reccomend this book strongly to technical people whether or not they are interested in law enforcement, as it provides a good deal of information useful to system administrators as well as advanced users.
One of the book's best features is also one of it's biggest weaknesses: if you don't have access to at least one of the software packages demonstrated in the book, the book's value decreases substantially. Although not said in so many words, the implication is that if you don't have one of these tools, your investigation will be much more difficult, if not impossible.
Given the dryness and specificity of the writing, although the book is wellwritten, I would have trouble recommending it to anyone not currently already doing that type of work.
The examples are based on commercial tools only - while I'm certain that there are many open source tools available also.
The book contains more than 100 pages of forms and explanations of the legal process, which is nice, but not what I would have expected from a Hacking Exposed book