Authors: Warren G. Kruse, Jay Heiser
ISBN-13: 9780201707199, ISBN-10: 0201707195
Format: Paperback
Publisher: Addison-Wesley
Date Published: September 2001
Edition: (Non-applicable)
Just as regular police forensics focus on the information available at a crime scene, computer forensics looks at evidence that can be gleaned in the aftermath of a computer security incident. Two computer security professionals provide a methodology for collecting information that can lead to a perpetrator and prove useful in prosecutions. Chapters cover encryption, data hiding, hostile code, and introductions to forensics on Windows and Unix operating systems.
Annotation © Book News, Inc., Portland, OR (booknews.com)
Preface
Acknowledgments
Chapter 1 | Introduction to Computer Forensics
Chapter 2 | Tracking an Offender
Chapter 3 | The Basics of Hard Drives and Storage Media
Chapter 4 | Encryption and Forensics
Chapter 5 | Data Hiding
Chapter 6 | Hostile Code
Chapter 7 | Your Electronic Toolkit
Chapter 8 | Investigating Windows Computers
Chapter 9 | Introduction to Unix for Forensic Examiners
Chapter 10 | Compromising a Unix Host
Chapter 11 | Investigating a Unix Host
Chapter 12 | Introduction to the Criminal Justice System
Chapter 13 | Conclusion
Appendix A | Internet Data Center Response Plan
Appendix B | Incident Response Triage Questionnaire
Appendix C | How to Become a Unix Guru
Appendix D | Exporting a Windows 2000 Personal Certificate
Appendix E | How to Crowbar Unix Hosts
Appendix F | Creating a Linux Boot CD
Appendix G | Contents of a Forensic CD
Annotated Bibliography
Index