Forensic Analysis/Incident Response/Data Recovery



Windows Forensic Analysis Including
Author: Harlan Carvey, Dave Kleiman
Publisher: Syngress
Year: 2007
Pages: 416
Amazon's book description: The only book available on the market that addresses and discusses in-depth forensic analysis of Windows systems. Windows Forensic Analysis DVD Toolkit takes the reader to a whole new, undiscovered level of forensic analysis for Windows systems, providing unique information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. This book also brings this material to the doorstep of system administrators, who are often the front line troops when an incident occurs, but due to staffing and budgets do not have the necessary knowledge to effectively respond. The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else, as they were created by the author.




Mastering Windows Network Forensics and Investigation
Author: Steven Anson, Steve Bunting
Publisher: Sybex
Year: 2007
Pages: 552
Amazon's book description: This comprehensive guide provides you with the training you need to arm yourself against phishing, bank fraud, unlawful hacking, and other computer crimes. Two seasoned law enforcement professionals discuss everything from recognizing high-tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand. They cover the range of skills, standards, and step-by-step procedures you'll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.




Alternate Data Storage Forensics
Author: Amber Schroader, Tyler Cohen
Publisher: Syngress Publishing
Year: 2007
Pages: 400
Amazon's book description: This book begins by describing how alternate data storage devices are used to both move and hide data. From here a series of case studies using bleeding edge forensic analysis tools demonstrate to readers how to perform forensic investigations on a variety of ADS devices including: Apple iPods, Digital Video Recorders, Cameras, Gaming Consoles (Xbox, PS2, and PSP), Bluetooth devices, and more using state of the art tools. Finally, the book takes a look into the future at not yet everyday devices which will soon be common repositories for hiding and moving data for both legitimate and illegitimate purposes.




EnCase Computer Forensics--The Official EnCE
Author: Steve Bunting
Publisher: Sybex
Year: 2007
Pages: 648
Amazon's book description: EnCase Computer Forensics--The Official EnCE: EnCase Certified Examiner Study Guide, 2nd Edition provides extensive coverage on all exam topics candidates will need to be familiar with and that will appear on the EnCE exam. The updated edition covers the more recent exam covering EnCase Computer Forensics version 6 software. The book includes real-world scenarios, hands-on exercises, hundreds of practice questions, and up-to-date information on legal cases that affect how forensics professionals do their jobs, as well as a demo version of the EnCase Computer Forensics v6, complete with sample evidence files.




Cyber Crime Investigations: Bridging the Gaps Between Security Professionals, Law Enforcement, and Prosecutors
Author: Anthony Reyes, Richard Brittson, Kevin O'Shea, Jim Steel
Publisher: Syngress Publishing
Year: 2007
Pages: 448
Amazon's book description: The book begins with the chapter "What is Cyber Crime?" This introductory chapter describes the most common challenges faced by cyber investigators today. The following chapters discuss the methodologies behind cyber investigations and frequently encountered pitfalls. Issues relating to cyber crime definitions, the electronic crime scene, computer forensics, and preparing and presenting a cyber crime investigation in court will be examined. Not only will these topics be generally discussed and explained for the novice, but the hard questions--the questions that have the power to divide this community--will also be examined in a comprehensive and thoughtful manner.




Wireless Crime and Forensic Investigation
Author: Gregory Kipper
Publisher: AUERBACH
Year: 2007
Pages: 280
Amazon's book description: From short text messaging to war driving, Wireless Crime and Forensic Investigation explores all aspects of wireless technology, how it is used in daily life, and how it will be used in the future. The book provides a one-stop resource on the types of wireless crimes that are being committed and forensic investigation techniques for wireless devices and wireless networks. The author's straightforward and easy to read style seamlessly integrates the topics of wireless security and computer forensics. He provides a solid understanding of modern wireless technologies, wireless security techniques and wireless crime techniques, as well as conducting forensic analysis on wireless devices and networks.




Windows Forensics: The Field Guide for Corporate Computer Investigations
Author: Chad Steel
Publisher: Wiley
Year: 2006
Pages: 408
Amazon's book description: Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals.




CD and DVD Forensics
Author: Paul Crowley, Dave Kleiman
Publisher: Syngress
Year: 2006
Pages: 320
Amazon's book description: CD and DVD Forensics will take the reader through all facets of handling, examining, and processing CD and DVD evidence for computer forensics. At a time where data forensics is becoming a major part of law enforcement and prosecution in the public sector, and corporate and system security in the private sector, the interest in this subject has just begun to blossom.




EnCase Computer Forensics--The Official EnCE: EnCase Certified Examiner Study Guide
Author: Steve Bunting, William Wei
Publisher: Sybex
Year: 2006
Pages: 576
Amazon's book description: Whether monitoring the Internet for threats and chatter, capturing computer evidence, or crunching forensic data, Guidance Software's EnCase computer forensics software is recognized as the premier computer forensics tool on the market. For investigation professionals, EnCE certification tells the world that you've not only mastered the use of EnCase software, but also that you've acquired in-depth forensics knowledge and proper techniques for conducting complex computer examinations.




Data Recovery Tips & Solutions: Windows, Linux, and BSD
Author: Kris Kaspersky
Publisher: A-List Publishing
Year: 2006
Pages: 370
Amazon's book description: This comprehensive manual covers three areas in which system administrators must be proficient to successfully recover data: the structure and operating principles of the most popular file systems, automatic data recovery techniques, and manual recovery techniques used in cases of total data destruction. Data recovery from hard drives and optical storage in Windows, BSD, and Linux file systems is described, as are automatic recovery utilities, manual and automatic recovery of deleted files on ext2/ext3 partitions and NTFS partitions, formatted NTFS partitions and deleted UFS/FFS files, RAID data recovery, media restoration with physical damage, and data loss prevention.




File System Forensic Analysis
Author: Brian Carrier
Publisher: Addison-Wesley Professional
Year: 2005
Pages: 600
Amazon's book description: Most digital evidence is stored within the computer's file system, but understanding how file systems work is one of the most technically challenging concepts for a digital investigator because there exists little documentation. Now, security expert Brian Carrier has written the definitive reference for everyone who wants to understand and be able to testify about how file system analysis is performed.




Real Digital Forensics: Computer Security and Incident Response
Author: Keith J. Jones, Richard Bejtlich, Curtis W. Rose
Publisher: Addison-Wesley Professional
Year: 2005
Pages: 688
Amazon's book description: You can't succeed in the field of computer forensics without hands-on practice--and you can't get hands-on practice without real forensic data. The solution: Real Digital Forensics. In this book, a team of world-class computer forensics experts walks you through six detailed, highly realistic investigations and provides a DVD with all the data you need to follow along and practice.




Forensic Discovery
Author: Dan Farmer, Wietse Venema
Publisher: Addison-Wesley Professional
Year: 2005
Pages: 240
Amazon's book description: Computer forensics--the art and science of gathering and analyzing digital evidence, reconstructing data and attacks, and tracking perpetrators--is becoming ever more important as IT and law enforcement professionals face an epidemic in computer crime. In Forensic Discovery, two internationally recognized experts present a thorough and realistic guide to the subject.




Computer Evidence: Collection & Preservation
Author: Christopher LT Brown
Publisher: Charles River Media
Year: 2005
Pages: 416
Amazon's book description: Computer Evidence: Collection and Preservation teaches law enforcement and computer forensics investigators how to identify, collect, and maintain digital artifacts to preserve their reliability for admission as evidence. The book focuses on collection and preservation because these two phases of computer forensics are the most critical to evidence acceptance, but are not thoroughly covered in text or courses. Throughout the book, a constant eye is kept on evidence dynamics and the impact investigators can have on data integrity while collecting evidence. The simple act of a computer forensics investigator shutting down a suspect's computer changes the state of the computer as well as many of its files, so a good understanding of evidence dynamics is essential when doing computer forensics work. Broken up into five parts, Computer Forensics & Evidence Dynamics, Information Systems, Data Storage Systems & Media, Artifact Collection, and Archiving & Maintaining Evidence, the book places specific focus on how investigators and their tools are interacting with digital evidence. By reading and using this task-oriented guide, computer forensics investigators will be able to ensure case integrity during the most crucial phases of the computer forensics process.




Internet Forensics
Author: Robert Jones
Publisher: O'Reilly Media
Year: 2005
Pages: 238
Amazon's book description: Because it's so large and unregulated, the Internet is a fertile breeding ground for all kinds of scams and schemes. Usually it's your credit card number they're after, and they won't stop there. Not just mere annoyances, these scams are real crimes, with real victims. Now, thanks to Internet Forensics from O'Reilly, there's something you can do about it.




Guide to Computer Forensics and Investigations
Author: Amelia Phillips, Bill Nelson, Frank Enfinger, Christopher Steuart
Publisher: Course Technology
Year: 2005
Pages: 672
Amazon's book description: This text offers a disciplined approach to implementing a comprehensive accident-response plan with a focus on being able to detect intruders, discover what damage they did and discover their identities.




Hacking Exposed Computer Forensics
Author: Chris Davis, Aaron Philipp, David Cowen
Publisher: McGraw-Hill Osborne Media
Year: 2004
Pages: 480
Amazon's book description: Investigate computer crime, corporate malfeasance, and hacker break-ins quickly and effectively with help from this practical and comprehensive resource. You'll get expert information on crucial procedures to successfully prosecute violators while avoiding the pitfalls of illicit searches, privacy violations, and illegally obtained evidence. It's all here--from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits. Plus, you'll get in-depth coverage of the latest PDA and cell phone investigation techniques and real-world case studies.




Windows Forensics and Incident Recovery
Author: Harlan Carvey
Publisher: Addison-Wesley Professional
Year: 2004
Pages: 480
Amazon's book description: Windows Forensics and Incident Recovery doesn't just discuss forensics, it also includes tools for analysis and shows readers how to use them. I look forward to putting these tools through their paces, and I recommend Carvey's book as a terrific addition to the security professional's bookshelf.




Incident Response and Computer Forensics, Second Edition
Author: Chris Prosise, Kevin Mandia, Matt Pepe
Publisher: McGraw-Hill/Osborne
Year: 2003
Pages: 507
Amazon's book description: A strong system of defenses will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Incident Response aims to teach you how to determine when an attack has occurred or is underway--they're often hard to spot--and show you what to do about it. Authors Kevin Mandia and Chris Prosise favor a tools- and procedures-centric approach to the subject, thereby distinguishing this book from others that catalog particular attacks and methods for dealing with each one. The approach is more generic, and therefore better suited to dealing with newly emerging attack techniques.




Incident Response: Computer Forensics Toolkit
Author: Douglas Schweitzer
Publisher: Wiley
Year: 2003
Pages: 360
Amazon's book description: Guide provides the tools needed to reveal a security breach, gather evidence to report the crime, and conduct audits to prevent future attacks. Provides an understanding of the methodologies for incident response and computer forensics, Federal Computer Crime law investigation, legal issues, and how to work with law enforcement.




Computer Forensics: Computer Crime Scene Investigation
Author: John R. Vacca, John Vacca
Publisher: Charles River Media
Year: 2002
Pages: 600
Amazon's book description: The mightiest fortresses in the world can fail, and when that happens all you can do (you being the person responsible for castle security) is figure out what went wrong, what damage was done, and by whom. If the castle was located in the right kind of kingdom--to take a metaphor too far--you can hope to prosecute the perpetrator. Computer Forensics: Computer Crime Scene Investigation explains how to gather evidence of computer crimes in such a way that it will be more likely to lead to a conviction in a criminal court. It's an interesting legal area--after all, it's almost always you, and not any law enforcement agency doing the surveillance and evidence-gathering on your computer systems--and John Vacca has done a fair bit of research. This book will probably expand your thinking on the subject of information security.




Computer Forensics: Incident Response Essentials
Author: Warren G. Kruse, Jay G. Heiser
Publisher: Addison-Wesley Professional
Year: 2001
Pages: 416
Amazon's book description: Computer security is a crucial aspect of modern information management, and one of the latest buzzwords is incident response--detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did, and hopefully find out who they are.