- Paperback: 688 pages
- Publisher: Addison-Wesley Professional; 1 edition (October 3, 2005)
- Language: English
- ISBN-10: 9780321240699
- ISBN-13: 978-0321240699
- ASIN: 0321240693
- Product Dimensions: 7 x 1.6 x 9.2 inches
- Shipping Weight: 2.2 pounds (View shipping rates and policies)
- Average Customer Review: 19 customer reviews
- Amazon Best Sellers Rank: #156,488 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Real Digital Forensics: Computer Security and Incident Response 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and Amazon Prime.
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
"Enlightenment Now: The Case for Reason, Science, Humanism, and Progress"
Is the world really falling apart? Is the ideal of progress obsolete? Cognitive scientist and public intellectual Steven Pinker urges us to step back from the gory headlines and prophecies of doom, and instead, follow the data: In seventy-five jaw-dropping graphs, Pinker shows that life, health, prosperity, safety, peace, knowledge, and happiness are on the rise. Learn more
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
From the Back Cover
You can't succeed in the field of computer forensics without hands-on practiceand you can't get hands-on practice without real forensic data. The solution: Real Digital Forensics. In this book, a team of world-class computer forensics experts walks you through six detailed, highly realistic investigations and provides a DVD with all the data you need to follow along and practice.
From binary memory dumps to log files, this DVD's intrusion data was generated by attacking live systems using the same tools and methods real-world attackers use. The evidence was then captured and analyzed using the same tools the authors employ in their own investigations. This book relies heavily on open source tools, so you can perform virtually every task without investing in any commercial software.
You'll investigate environments ranging from financial institutions to software companies and crimes ranging from intellectual property theft to SEC violations. As you move step by step through each investigation, you'll discover practical techniques for overcoming the challenges forensics professionals face most often.
Inside, you will find in-depth information on the following areas:
Responding to live incidents in both Windows and Unix environments
Determining whether an attack has actually occurred
Assembling a toolkit you can take to the scene of a computer-related crime
Analyzing volatile data, nonvolatile data, and files of unknown origin
Safely performing and documenting forensic duplications
Collecting and analyzing network-based evidence in Windows and Unix environments
Reconstructing Web browsing, e-mail activity, and Windows Registry changes
Tracing domain name ownership and the source of e-mails
Duplicating and analyzing the contents of PDAs and flash memory devices
The accompanying DVD contains several gigabytes of compressed data generated from actual intrusions. This data mirrors what analysts might find in real investigations and allows the reader to learn about forensic investigations in a realisticsetting.
© Copyright Pearson Education. All rights reserved.
About the Author
Keith Jones (Alexandria, VA) heads the forensics practice at Red Cliff Consulting. Former military intelligence officer Richard Bejtlich (Manassas Park, VA) is a security engineer at ManTech International Corporation's Computer Forensics and Intrusion Analysis division. A recognized authority on computer security, he has extensive experience with network security monitoring, incident response, and forensics. Curtis Rose (Alexandria, VA) is vice president of Red Cliff and an industry-recognized expert in computer security with more than eighteen years experience in investigations, computer forensics, technical, and information security.
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
The authors address a serious lack in this field. How does someone [you] gain experience analysing a real attack? Without already being employed at a company experiencing such an event? In response, the authors made several scenarios that, they claim, reflect what actual attackers would likely have done.
This is an experimental book. There is no overarching elegant theory. You are meant to roll up your sleeves and tackle each case. En route, the book shows how, as a defender, you can use several open source packages to dissect the attack, as well as impose countermeasures. Which is another nice feature. Those packages are free. It makes your forensics education very cheap, in terms of explicit capital outlay.
Which is not to say that the book ignores commercial forensic tools. But the authors have a clear preference for open source, with which you might well concur.