COMPUTER FORENSICS: INCIDENT RESPONSE ESSENTIALS
Book 9780201707199: COMPUTER FORENSICS: INCIDENT RESPONSE ESSENTIALS
As with all crimes, computer crimes leave
tracks, albeit digital ones. By reading this book, one can
learn to collect and analyze evidence found in a
compromised computer system.
From fraud and theft to forged digital signatures,
computer crime is on the rise. Most computer crimes
involve incoming or outgoing Internet traffic, and
remote attacks, such as viruses and worms, are
growing in number and sophistication.
Computer forensics, the newest branch of computer
security, deals with the aftermath of an attack.
The goal of computer forensics is to conduct an
investigation into a compromised computer system in
a manner that will hold up to legal scrutiny.
Computer Forensics is written by two experts in
digital investigation, and provides extensive
information on how to handle the computer as
evidence. Kruse and Heiser take the reader from the
initial collection of evidence through its turn
over to the victim or a law enforcement official. This book
covers topics ranging from an overview of
encryption to creating an evidence log and case folder to how
to present yourself in court. Both Unix and the
Windows NT/2000 operating systems are covered for
forensic examiners.
This book provides a detailed methodology for
preserving the integrity of evidence by addressing the
three A's of computer forensics:
Acquire the evidence without altering or damaging the original data.
Authenticate that your recorded evidence is the same as the original seized data.
Analyze the data without modifying the recovered data.
Computer Forensics is written for anyone who has a
computer directly connected to the Internet; it is
an essential tool for anyone who may have to
respond to a report of a compromised computer system.
Warren G. Kruse II, a former police officer, has
been with Lucent Technologies' Corporate Computer
and Network Security Organization as an
Investigations Manager since 1998. He has received
specialized training in computer forensics from the
International Association of Computer Investigating
Specialists and the National White Collar Crime
Center. He is a member of the US Secret Service
Electronic Crime Task Force, and gives a popular
forensics class at SANS.
Jay Heiser is Senior Information Security
Consultant for Lucent, based in Austria
Table of Contents
Preface
1: Introduction to Computer Forensics
2: Tracking an Offender
3: Hard Drives and Storage Media Basics
4: Encryption and Forensics
5: Data Hiding
6: Hostile Code
7: Your Electronic Toolkit
8: Investigating Windows Computers
9: Introduction to Unix for Forensic Examiners
10: Compromising a Unix Host
11: Investigating a Unix Host
12: Introduction to the Criminal Justice System
13: Conclusion
Appendix A: How to Become a Unix Guru
Appendix B: Exporting a Windows 2000 Private Key
Appendix C: Incident Response Plan
Appendix D: Sidebars
Bibliography
Index
Author: KRUSE
Publisher: ADDISON WESLEY
Number of pages: 392
Publication date: 10 2001