Customer Reviews

Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes

5 star:		(1)
4 star:		(0)
3 star:		(2)
2 star:		(0)
1 star:		(0)

 

 

This book is an excellent follow-on book to Computer Forensics: Incident Response Essentials by Kruse and Heiser, which introduces the fundamentals. This book goes much deeper and is more technical than the Kruse and Heise, therefore the ideal audience is practicing professionals who have prior experience in forensics and a wide range of hardware, software and network knowledge.

Tools and techniques are presented in painstaking detail. I was unable to find a single gap or omission, which speaks highly of the editorial and review process behind this book's 464 pages. While most technical disciplines can dispense with finer details, the nature of forensics is to overlook nothing. If you find the step-by-step thoroughness boring that is an indication that forensics may not be your forte; if you're an experienced professional you'll appreciate the coverage of every technique or use of tools.

While the discussion of tools and techniques will satisfy even the most experienced practitioner, I found the detailed discussion of legal aspects, HR considerations and overall security and incident response processes to be the book's strongest points. This area is what sets forensics experts apart from technicians, and it is here that the book (in my opinion) adds the most value. Procedures ranging from how to properly gather, preserve and control evidence, to legal considerations for designing processes are covered in clear language, as are US and international legal guidelines.

Parts that I especially like include: intrusion management and profiling, up-to-date information on electronic commerce legal issues, the numerous checklists and cited resources, and the clearly delineated process for dealing with incidents.

If you're new to forensics you will probably get more from this book by first reading Computer Forensics: Incident Response Essentials by Kruse and Heiser. If, however, you have previous computer forensics experience or are currently serving in that role this book is probably one of the best investments you can make.

I didn't want to influence the overall rating of the book, so I gave it 3 stars. Can't give 2 1/2.

THIS IS THE 1ST EDITION PUBLISHED IN 2002!!!!!! THERE IS A NEW VERSION (PUBLISHED DECEMBER 2007) AVAILABLE!!!

I have notified Amazon of this and I am sure they will address it as soon as they can. However, I didn't want someone else to buy it and receive a different edition than what they expected. If you do want the 1st edition then go ahead and order away. But, if you want the 2nd edition, Amazon does sell it also.

Same title, Same authors, Same publisher, Different edition

[...]

I was looking for a book that would teach me how to do things. I can find lots of information on the internet, but I wanted techniques collaborated in one book by a professional. What I found was a lot of legal background, and historical background. I am not starting a computer forensics firm, but I do want to be able to track down, if some sort of mishap occurs. This book provides low level information, like dissecting Netscape, and going through and showing you how to track someone's steps through Netscape Navigator. I wanted some more practical knowledge that I could use to fight spammers, or to show me how to deal with intrusions on my system. I was disappointed with this book, but I hope that you won't be.