Praise for Forensic Discovery
"Farmer and Venema do for digital archaeology what Indiana Jones did for historical archaeology. Forensic Discovery unearths hidden treasures in enlightening and entertaining ways, showing how a time-centric approach to computer forensics reveals even the cleverest intruder. I highly recommend reading this book."
--Richard Bejtlich, TaoSecurity
Praise for Real Digital Forensics
" Real Digital Forensics is as practical as a printed book can be. In a very methodical fashion, the authors cover live response (Unix, Windows), network-based forensics following the NSM model (Unix, Windows), forensics duplication, common forensics analysis techniques (such as file recovery and Internet history review), hostile binary analysis (Unix, Windows), creating a forensics toolkit and PDA, flash and USB drive forensics. The book is both comprehensive and in-depth; following the text and trying the investigations using the enclosed DVD definitely presents an effective way to learn forensic techniques."
--Anton Chuvakin, LogLogic
Praise for File System Forensic Analysis
"Carrier has achieved what few technical authors do, namely a clear explanation of highly technical topics that retains a level of detail making it valuable for the long term. For anyone looking seriously at electronic forensics, this is a must have. File System Forensic Analysis is a great technical resource."
--Jose Nazario, Arbor Networks
The Computer Forensics Library
With the ever-increasing number of computer-related crimes, more and more professionals find themselves needing to conduct a forensics examination. But where to start? What if you don't have the time or resources to take a lengthy training course? We've assembled the works of today's leading forensics experts to help you dive into forensics, give you perspective on the big picture of forensic investigations, and arm you to handle the nitty-gritty technicalities of the toughest cases out there.
Forensic Discovery , the definitive guide, presents a thorough introduction to the field of computer forensics. Authors Dan Farmer and Wietse Venema cover everything from file systems to memory andkernel hacks and malware. They expose many myths about forensics that can stand in the way of success. This succinct book will get you started with the realities of forensics.
Real Digital Forensics allows you to dive right in to an investigation and learn by doing. Authors Keith J. Jones, Richard Bejtlich, and Curtis W. Rose walk you through six detailed, highly realistic investigations and provide a DVD with all the data you need to follow along and practice. Once you understand the big picture of computer forensics, this book will show you what a Unix or Windows investigation really looks like.
File System Forensic Analysis completes the set and provides the information you need to investigate a computer's file system. Most digital evidence is stored within the computer's file system, so many investigations will inevitably lead there. But understanding how the file system works is one of the most technically challenging concepts for digital investigators. With this book, expert Brian Carrier closes out the set by providing details about file system analysis available nowhere else.