Jesse G. Lands' Profile

Customer Reviews: 11
Top Reviewer Ranking: 3,028,812
Helpful Votes: 105



Reviews Written by Jesse G. Lands (Ohio)

iPhone and iOS Forensics: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices
by Andrew Hoog
Edition: Paperback
Price: $49.69
48 used & new from $2.59

5.0 out of 5 stars Excellent source of information, October 17, 2012
Verified Purchase
iPhone and iOS Forensics is the first iOS forensics book I have read. So at this point I have nothing to compare it to. That being said I have already picked up a number of forensic books to read and contrast it with, but none of the currently available books is as up to date as this one.
The book is roughly three hundred pages without the index and ten pages of that are the Appendix A through C. Unlike other books the appendixes are extremely useful. Many times they are a collection of garbage to add pages, but these are quick reference pages for backup locations, useful tools for forensic investigation of iOS, and the system file structure of an iPhone. Which version the structure references I'm not sure, but most likely whatever was the latest at time of writing.
Of the content there were seven total chapters. I found all the chapters extremely helpful with the exception of the largest chapter. Chapter seven was a review of commercial tools available for forensic analysis of an iOS device. While this chapter was somewhat helpful it was a lot of repetitive data that I am not going to apply to use in most day to day forensic analysis cases.
While chapters one through four had very little in the way of forensics, they were actually the most useful chapters in my opinion. The first chapter focused on the basics of the iPhone, models, hardware, etc., and then went into the theory of mobile forensics and how to apply it to the rest of the book.
Chapter two covered all the basic information that a forensic examiner may or may not already know and how these basic steps that many examiners might take for granted would apply to a potential investigation.
Chapter three covered the basic filesystem and structure of the iOS operating system. While it was basically a *nix based system this chapter goes over the basic differences in them.
Chapter four goes over the basic security that Apple has built into the iOS device. Covering the differences in the pin on the device and applying a password into a backup that is acquired through iTunes.
Chapter five covers acquiring an image of forensic data off of the device. My only disappointment was the lack of a real open source option other than jailbreaking. While this is not a fault of the book, a reader should not expect a "cheap" option other than jailbreaking. It does cover using a backup, but this does not give you access to the system files. So if you only need user data you should feel comfortable with this portion. If, however, you are required to examine the device for malicious software, jailbreaking will be the only option that does not require payment and NDA.
Chapter six covers actually examining and analyzing the data that had been received in the previous chapter.
While overall this book is excellent as a source for forensic analysis of an iOS device there is very little to compare it to. Not taking anything away from this book, it is by far an excellent source of information and if you ever believe you may have to examine an Apple device I would recommend you have a copy of this book on your shelf.


Twins - Muay Thai Shin Guards - Large
Offered by one1onone
Price: $82.95
6 used & new from $75.95

1 of 1 people found the following review helpful
5.0 out of 5 stars The best shinguards I have ever used., January 19, 2012
Verified Purchase
My gym has an assortment of shinguards that are available for use and none of them compare to these. I shopped around quite a bit before deciding on this pair. If you are practicing Muay Thai and don't kick banana trees on a regular basis this will save your shins.


14 oz Super-Heavyweight Traditional Judo/Jiu-Jitsu Uniform Black
Offered by BlackBeltshop
Price: $34.90 - $64.99

5 of 5 people found the following review helpful
5.0 out of 5 stars Excellent for the price, January 19, 2012
Verified Purchase
The pants are a little thin and a slick glossy material. I am 5'9"ish and about 240. Some fat on there, but fairly stocky build. The jacket and pants were an exact fit for me at size 5. In the future I will probably get a size 6. I bought it for BJJ and it has held up extremely well so far. For the price the quality cannot be beat in my opinion. It is well worth the money and I will probably get a blue one really soon.


UNIX and Linux Forensic Analysis DVD Toolkit
by Chris Pogue
Edition: Paperback
6 used & new from $42.48

4 of 4 people found the following review helpful
2.0 out of 5 stars No really UNIX content., March 8, 2011
Verified Purchase
While I was expecting a book similar to the Syngress publication Windows Forensics Analysis by Harlan Carvey I was given more of a Linux for Dummies with a Forensic emphasis.
I'll break it down by chapter to make things a little more understandable. The introduction Chapter one was the standard why am I writing this and what will I cover. It seemed like that was a good start. Unfortunately things went south with Chapter 2. Introduction to UNIX: I'm sorry did I miss the UNIX in it? The focus was Ubuntu Linux. While a forensic analyst should be able to examine Linux systems, that wasn't the title of the book. UNIX was first, but UNIX was hardly mentioned. There are similarities, but not to the extent that the author makes the reader believe. At the time of my reading this book I was working on forensic analysis of a Solaris system and a CentOS system. I was able to use maybe 10 to 15 percent of the content for the Solaris system and if I was lucky 50% for the CentOS system.
Chapter 3 Live Response: Data Collection- there was no Live Response. In short there was very little about what the responder should collect and what is useless information. Much of the chapter was spent on a Log Book and various live CD/DVD Linux distributions that are available. There is a slight discussion of how to collect drive images, but even that is outdated at the time of writing. Two years prior to the writing I was collecting images from Terabyte systems.
Chapter 4 is about Initial Triage and Data Analysis- I'm sorry what? We've already collected the image? Why do we go back to triage? Why are we now just concerned with the network? I know chapters can be read in any order, but if this is for an "intro" person they will most likely do the work in order of the chapters if they do not know any better or have someone guiding them. The author gives a few examples of techniques which are good. Then an example of keyword lists and makes a point of telling the reader to develop their own. The author makes a point of saying attackers will want to look like normal activity on the network, but then gives keyword lists that are standard script kiddie tools. If the attacker is more than just a beginner they have modified the signature/look so that it doesn't match. While I am not against a keyword search, I am against the thinking that if your keyword search does not hit then you must acquit. Chapter 4 is probably the most useful chapter of the book.
Then we go to one of the most useless chapters in the book. At over fifty pages this chapter is the largest, but covers the least useful information. Discussing The Hacking Top 10 is pointless. Especially with the emphasis on tools that won't be as common. A discussion of Nmap and netcat is vital to this book, but many hackers won't take the time to install Wireshark with its size and GUI. There are tools out there that are cmd line based and would suit an attacker more. Some of the other tools should be discussed, but not to the extent that the author does. It's almost as if the book was too short to charge $59.95 so they added pages to justify the cost.
Chapter 6 discussed the /Proc file system. One of the more useful chapters in the book. However it is one hundred percent Linux based. Again no discussion at all for the differences in UNIX and Linux.
Chapter 7 discussed file analysis. Again a very useful chapter, but lacking in depth. A minuscule thirteen pages there should be so much more discussed.
Chapter 8 was the second most useless chapter in the book. Fortunately it was only a waste of ten pages of the book. Discussing anti-virus instead of what the chapter Title promises "Malware", it really was let down on possible interest. While the title of Chapter 5 did not lead anyone on, Chapter 8 was a definite tease. The discussion was a vague conversation about the direction of malware in the Linux environment (notice again not discussing UNIX) and then into different anti-virus systems that are available. I have never installed an AV to do forensics and it would seem to me to not be reliable if the signature has changed slightly anyway.
In discussing this book the Appendix is noteworthy. It gives a high-level overview of setting up Cybercrime detection, but it is only vaguely related to the topic as there is much discussion on networks and Windows systems.
While there is a requirement for a UNIX forensics book this book does not meet that requirement. It is useful for Linux analysis if that is all you are working on, but this will not apply much to the more UNIX platforms of the *nix systems. While I applaud the author's attempt, it seems as if editing may have taken the liberty to force this book into a broader market than was the original intention.


Daemon
by Daniel Suarez
Edition: Hardcover
115 used & new from $0.01

3.0 out of 5 stars A gifted author, but he's still new., September 24, 2009
This review is from: Daemon (Hardcover)
The book is high on technology and cutting edge inventions, but it seems as though he definitely stretched the very limits of literary license. I really enjoyed parts of the book and at other parts he left me wondering how he got from A to Z, because B through Y would make no sense.

To start off there is character development, but it's in the wrong places. Many times I was left wondering who this main character was and how did they get there? Usually when a person gets introduced in the beginning they are the characters that are the primary focus. 100 pages in he seems to introduce new characters, develop the character and then they drop off the entire novel except for a few pages. He literally spent 20 to 40 pages developing a character that would be seen for a total of 5 to 10 pages through the rest of the book.

One character he put in, "The Major", was never developed and he attempts to throw a twist into it that was a giveaway 100 pages earlier. He attempts to portray The Major as a shadowy character; he succeeds a little, but mostly portrays him as a bully, a moron and a social misfit. At one point the Major pulls a gun on another character and the dialog seemed to appear out of a B-Rated movie. I could picture Dolph Lundgren trying his best intimidation voice saying those lines. It wasn't very good. I don't usually cringe at a bad dialog, but that one was terrible.

The "Daemon" appears to learn. It also knows about technology before it has been invented. It triggers things like orders for products, recruitment of specific people literally months/years after it starts. It seems to make decisions, not based on how a computer makes a decision, but how a person sorts through options and goes with a gut feeling.

The book suggests that a single person wrote these literally billions of lines of code (suggesting that maybe two people helped) in just a couple of years after the dead guy had developed brain cancer. All I can say is that's some awesome project management. I've been involved with projects that I would be lucky to get 100 lines of code out of a team in a day. But billions out of three people in a couple of years? Microsoft hires the wrong people.

For his first book I will applaud him. It is a very good first attempt. I have yet to completely write a novel so he deserves credit for that. There were parts where it seemed as if I couldn't put it down and there were just as many parts where I couldn't pick it up.

There have been suggestions of a movie. I look forward to it, but I'm not sure I will bother with theaters. I am looking forward to reading the sequel. I'm sure his writing will improve and I really believe he will be comparable to Neal Stephenson, but like anything he's just starting. He deserves the support of the community, because his ideas are truly unique. He is a gifted author, but he's just getting started.


Windows Forensic Analysis DVD Toolkit, Second Edition
by Harlan A. Carvey
Edition: Paperback
48 used & new from $5.09

5 of 5 people found the following review helpful
5.0 out of 5 stars The best forensic book currently available, September 1, 2009
I've started reading or read a number of forensic books in the past two years. Though I have yet to read a specific Operating System forensic book, most have generally focused on Windows as the choice for forensic analysis. Of all the books that I have read, I would have to say that by far Windows Forensic Analysis DVD Toolkit second edition is the best.
The author is very thorough without beating a single tool to death. The author covers numerous tools, but continues to stress that having information from one tool does not give the investigator the 'smoking gun' to solving the case. He stresses repeatedly that this is just adding another tool to the investigator's toolbox.
Many books are simply an attempt to sell their book by declaring that if you follow: step one, followed by step two, followed by step three etc. that you will suddenly be a master forensic investigator or incident handler. Harlan Carvey never says that reading this book will make you an expert, only that he hopes to enlighten the reader to new tools and techniques. The author makes it very clear that each tool is valuable, but the reader should find the tools that suit their own need and get the experience necessary to analyze the output.
The book jumps straight into the discussion of volatile data and the importance of capturing it as close to the instance of compromise as possible. I was pleased to see that the author made a point of emphasizing this. There is still a mindset in many situations that pulling the plug is the first thing to accomplish.
The first three chapters are a statement to the importance placed on collecting and analyzing the volatile portion of the incident. Though technically the first two chapters also cover information to tie in the remaining chapters there is always that focus of maintaining data as close to the point of compromise as possible.
The next three chapters cover the static files and registry that a Forensic Analyst will have to review and analyze. The author covers numerous tools as well as providing his tools and his preferences for use.
The last three chapters cover rootkits, tying it together with case studies and then finally Forensic Analysis on a budget.
Throughout the book the author makes references to papers, websites and other books that will provide a much more in-depth discussion of the topics. In every chapter he provides a source for more up-to-date software than what is provided on the DVD.
The author includes numerous tools that are his personal scripts or scripts that he has modified for his use. For the most part his scripts are all Perl based, but again the author shows his flexibility and understanding when he explains why his tools are Perl and not something else. At no point does the author take a "this is the only right way to do it" attitude. It is refreshing to see an unbiased book that is primarily Windows oriented.
With all that being said I would say that grammatical editing could have been a little better. Even with these errors the book was definitely worth buying. We have a copy in our office and I am buying a copy for my own personal use. I would say that if you are doing Windows forensics or have an interest in learning about the current trends in Windows forensics you need to pick up a copy. It will be an invaluable resource.


Build Your Own Security Lab: A Field Guide for Network Testing
by Michael Gregg
Edition: Paperback
Price: $29.46
46 used & new from $5.87

16 of 18 people found the following review helpful
4.0 out of 5 stars Excellent book for a beginner, not recommended for the experienced Info Sec individual, July 11, 2009
"Build your own Security Lab A field guide for network testing" is great at what it is intended to be: an introduction for a novice security person in what they should be working on to get experience in the field. I have Michael Gregg's Certified Ethical Hacker and in most terms I would say this book is more of a work book for the study guide. It gives you a feel for what equipment you will need and how the equipment should be connected, but doesn't go too in-depth into the nuts and bolts of it.
The book includes a copy of BackTrack and a few other tools on the DVD and these items help the novice have an idea of what tools they should be looking for on the Internet, but a better idea may be to have a central repository for the tools or include the link to the tools since most of the tools were outdated by the time the book was published.
Almost every chapter or in some cases a group of chapters could be written as a stand-alone book. The author did an excellent job of summarizing some of the areas and others I felt he could have covered in more detail.
It would have been nice to see more information on sniffers and packet analyzing. The book was labeled "field guide for network testing", but there was only a page dedicated to Wireshark. A big part of network security is analyzing the traffic that is crossing the network. The author covers some of it under Intrusion Detection, but again it is not sufficient in my opinion.
I was a little surprised by the lack of anything more than a mention of Netcat. With the value of this tool and the widespread use of variants of the tool I would have expected a page at least of the use of the software and how it is distributed. There was no reference to Tiny and a few other tools or their variants that are in common use throughout the Internet. There was no reference to VNC, RDP or Dameware, some remote administration tools that are commonly exploited on most networks.
I would have thought at this level a chapter on forensics and cryptography would have been over the top of most of the readers' heads. The author does do a good job just summarizing the information just enough to whet the appetite of a serious novice. I think it would have been a great benefit to the reader to have more references to in-depth material, but a determined reader will find what they need.
The cryptography chapter gets somewhat confusing. The author is discussing symmetric algorithms and then starts discussing PGP before going back to symmetric algorithms and then goes into asymmetric algorithms. The inexperienced reader would believe that PGP is a symmetric algorithm.
Overall the book was good and the exercises were great, but anyone who has mid-level experience or greater in information security will find this book a little too novice. I have already recommended the book to a few beginners.


Gray Hat Python: Python Programming for Hackers and Reverse Engineers
by Justin Seitz
Edition: Paperback
Price: $24.45
88 used & new from $7.40

72 of 78 people found the following review helpful
2.0 out of 5 stars Much Anticipation falls well short of expectations, July 7, 2009
Verified Purchase
I was extremely disappointed in this book. I had been waiting almost a year for the book to be released and in that time had spent time looking at the different applications that were currently written in Python that could possibly be included. With the time spent in writing this book and bringing it into publication the poor quality of the book does not compare to the higher standards that most No Starch Press books have achieved.

While there were a few merits in the book the majority of the book was a futile attempt to put outdated or useless information to paper. Many of my coworkers were very interested in the publication, but having read it and having spoken with my colleagues that have read it we can all agree that it falls well short of anticipation.

The first five chapters were about Immunity Debugger. While reading them it seemed as if it were a sales pitch and then after reading that the author was employed by the same company that produces Immunity it was plainly obvious that he was influenced.

The author spent a chapter on hooking(6), DLL and code injection(7), fuzzing(8), Sulley(9), Fuzzing Windows Drivers(10), IDAPython(11), PyEMU(12) and obviously the Immunity Debugger chapters that were 1 through 5. But where was the rest? It was obviously lacking in many areas. There was very little mentioned on networks, packet reassembly or capture (pynids). No mention was made of Scapy, Pcapy, Impacket, Inguma, Volatility and so many more. Libraries that would be extremely helpful were never even brushed. IronPython, Win32, CryptoPy,

The examples given were poor to say the least. The author never mentioned which versions of Python that the examples worked with and they were built using the older releases. The author goes through the installation of Python 2.5, but that version had issues with a few of the examples that I managed to get to work on 2.4. No mention was made for the Python 3 version and version 2.6 had issues with most of the examples.

At 188 pages with 80+ pages used for debuggers that book was sorely lacking in any amount of substance. Most of my notes have more content than this book. To think that a book written regarding security minded use of Python could only yield this little bit of information is absurd.

I had preordered the book well in advance of publication. Each time the book was delayed for a few months I was extremely disappointed, but continued to hold onto the preorder. Once I received the book the writing and content were so poor that I spent much of my time reading a few pages only to put it down to find something of more interest or better content.

As I had said previously, No Starch Press is known for their quality products and excellent material, but this book falls well short of expectations. If someone would ask if I recommend this book I would wholeheartedly tell them they are better off buying separate books and piecing together that with internet content.

With all the uses Python has in security today I feel the community needs a better resource for Python tools in pentesting, forensics, incident response, intrusion detection, and so on. The potential content could fill volumes. A book about Python and Security would benefit the community greatly if it was a quality product, but this is not it.


Twisted Network Programming Essentials
by Abe Fettig
Edition: Paperback
35 used & new from $0.01

2 of 2 people found the following review helpful
3.0 out of 5 stars eh, could be better, could be worse, December 15, 2008
Verified Purchase
The book was a very basic introduction to Twisted. For the most part it will really only benefit someone who is relatively new to Python and needs to perform some quick network programming.

The tutorials described were good to get someone familiar with the syntax and to show the basic implementation of Twisted, but more time is spent reading the book than it would take just to get the documentation and learn it hands on. Any programmer that has poured a few hours into researching code and documentation would feel that this book was a waste of time.

So if you are new to Python and need to learn network programming this book should be able to point you in the right direction, but if you are an experienced programmer, just use the documentation on the website and donate some money to the maintainers instead.


The Definitive Guide to Django: Web Development Done Right (Expert's Voice in Web Development)
by Jacob Kaplan-Moss
Edition: Paperback
52 used & new from $0.32

4.0 out of 5 stars Excellent start to a great framework, August 4, 2008
Verified Purchase
A great start for an excellent MVC. I would recommend this book for anyone wanting to quickly assemble a website. If anything it's the Python version of Ruby on Rails.

The book makes it easy to take a project from idea to concept to reality quickly.

The only issue that I have with the book is the implementation with existing or legacy web servers. The book seemed to lack procedure beyond "the norm". The procedure for Apache was very cookie cutter and did not meet the needs that I had. It honestly didn't work with any install of Apache, but mine was a specific install. Some research into the area beforehand would be more beneficial.

