Windows Forensics: The Field Guide for Corporate Computer Investigations

The evidence is in–to solve Windows crime, you need Windows tools.

An arcane pursuit a decade ago, forensic science today is a household term. And while the computer forensic analyst may not lead as exciting a life as TV’s CSIs do, he or she relies just as heavily on scientific principles and just as surely solves crime.

Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals.

  • Identify evidence of fraud, electronic theft, and employee Internet abuse
  • Investigate crime related to instant messaging, Lotus Notes®, and increasingly popular browsers such as Firefox®
  • Learn what it takes to become a computer forensics analyst
  • Take advantage of sample forms and layouts as well as case studies
  • Protect the integrity of evidence
  • Compile a forensic response toolkit
  • Assess and analyze damage from computer crime and process the crime scene
  • Develop a structure for effectively conducting investigations
  • Discover how to locate evidence in the Windows Registry

Computer Forensics: Hard Disk and Operating Systems

Computer Forensics: Hard Disk and Operating Systems (EC-Council Press Series: Computer Forensics) by EC-Council

The Computer Forensic Series by EC-Council provides the knowledge and skills to identify, track, and prosecute the cyber-criminal. The series is comprised of five books covering a broad base of topics in Computer Hacking Forensic Investigation, designed to expose the reader to the process of detecting attacks and collecting evidence in a forensically sound manner with the intent to report crime and prevent future attacks. Learners are introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. In full, this and the other four books provide preparation to identify evidence in computer related crime and abuse cases as well as track the intrusive hacker’s path through a client system. The series and accompanying labs help prepare the security student or professional to profile an intruder’s footprint and gather all necessary information and evidence to support prosecution in a court of law. Hard Disks, File and Operating Systems provides a basic understanding of file systems, hard disks and digital media devices. Boot processes, Windows and Linux Forensics and application of password crackers are all discussed.


Incident Response and Computer Forensics (Second Edition)

Incident Response and Computer Forensics, Second Edition by Chris Prosise, Kevin Mandia, Matt Pepe.

  • Paperback: 507 pages
  • Publisher: McGraw-Hill/Osborne; 2 edition (July 17, 2003)
  • Language: English
  • ISBN-10: 007222696X
  • ISBN-13: 978-0072226966
  • Product Dimensions: 9.1 x 7.3 x 1.2 inches
  • Shipping Weight: 2 pounds
  • Popular: 4.5 out of 5 stars

Description:

A strong system of defenses will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Incident Response aims to teach you how to determine when an attack has occurred or is underway–they’re often hard to spot–and show you what to do about it. Authors Kevin Mandia and Chris Prosise favor a tools- and procedures-centric approach to the subject, thereby distinguishing this book from others that catalog particular attacks and methods for dealing with each one. The approach is more generic, and therefore better suited to dealing with newly emerging attack techniques.

Anti-attack procedures are presented with the goal of identifying, apprehending, and successfully prosecuting attackers. The advice on carefully preserving volatile information, such as the list of processes active at the time of an attack, is easy to follow. The book is quick to endorse tools, the functionalities of which are described so as to inspire creative applications. Information on bad-guy behavior is top quality as well, giving readers knowledge of how to interpret logs and other observed phenomena. Mandia and Prosise don’t–and can’t–offer a foolproof guide to catching crackers in the act, but they do offer a great “best practices” guide to active surveillance. –David Wall

Topics covered: Monitoring computer systems for evidence of malicious activity, and reacting to such activity when it’s detected. With coverage of Windows and Unix systems as well as non-platform-specific resources like Web services and routers, the book covers the fundamentals of incident response, processes for gathering evidence of an attack, and tools for making forensic work easier. –This text refers to an alternate Paperback edition.

Price:

List Price: $52.99 Price: $33.38 You Save: $19.61


Computer Forensics: Incident Response Essentials

Computer Forensics: Incident Response Essentials by Warren G. Kruse, Jay G. Heiser

Details:

  • Paperback: 416 pages
  • Publisher: Addison-Wesley Professional (October 6, 2001)
  • Language: English
  • ISBN-10: 0201707195
  • ISBN-13: 978-0201707199
  • Product Dimensions: 9.1 x 7.3 x 0.9 inches
  • Shipping Weight: 1.4 pounds

Description:

Computer security is a crucial aspect of modern information management, and one of the latest buzzwords is incident response–detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did, and hopefully find out who they are.

There is little doubt that the authors are serious about cyberinvestigation. They advise companies to “treat every case like it will end up in court,” and although this sounds extreme, it is good advice. Upon detecting a malicious attack on a system, many system administrators react instinctively. This often involves fixing the problem with minimal downtime, then providing the necessary incremental security to protect against an identical attack. The authors warn that this approach often contaminates evidence and makes it difficult to track the perpetrator. This book describes how to maximize system uptime while protecting the integrity of the “crime scene.”

The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a “white hat” hacker in order to combat the criminal “black hat” hackers. The message is clear: if you’re not smart enough to break into someone else’s system, you’re probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise in Unix/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and to probe your own systems.

The authors explain their investigative techniques via a number of real-world anecdotes. It is striking that many of the same hacks detailed in Cliff Stoll’s classic The Cuckoo’s Egg are still in use over 10 years later–both on the criminal and investigative fronts. It is up to individual companies whether or not to pursue each attempted security violation as a potential criminal case, but Computer Forensics provides a strong argument to consider doing so. –Pete Ostenson

Price:

List Price: $54.99 Price: $34.64 You Save: $20.35


Computer Forensics JumpStart (Jumpstart (Sybex))

  • Paperback: 304 pages
  • Publisher: Wiley (December 10, 2004)
  • Language: English
  • ISBN-10: 078214375X
  • ISBN-13: 978-0782143751
  • Product Dimensions: 8.8 x 7.5 x 0.7 inches
  • Shipping Weight: 9.6 ounces
  • Popular: 4.5 out of 5 stars

Description:

At the heart of modern corporate crime and counter-terrorism investigations, computer forensics is now the fastest growing segment of IT and law enforcement. For everyone curious about this hot field, here is an in-depth introduction to the technological, social, and political issues at hand. Sybex’s JumpStart approach is ideal for those interested in computer forensics but not yet sure what it’s all about. It offers a complete overview of the basic skills and available certifications that can help to launch a new career.

Launch Your Career in Computer Forensics—Quickly and Effectively

Written by a team of computer forensics experts, Computer Forensics JumpStart provides all the core information you need to launch your career in this fast-growing field:

  • Conducting a computer forensics investigation
  • Examining the layout of a network
  • Finding hidden data
  • Capturing images
  • Identifying, collecting, and preserving computer evidence
  • Understanding encryption and examining encrypted files
  • Documenting your case
  • Evaluating common computer forensic tools
  • Presenting computer evidence in court as an expert witness

Price:

List Price: $29.99 Price: $19.79 You Save: $10.20


Windows Forensic Analysis DVD Toolkit, Second Edition

Windows Forensic Analysis DVD Toolkit, Second Edition by Harlan Carvey.

Details:

  • Paperback: 512 pages
  • Publisher: Syngress; 2 edition (June 11, 2009)
  • Language: English
  • ISBN-10: 1597494224
  • ISBN-13: 978-1597494229
  • Product Dimensions: 9.2 x 7.5 x 1.1 inches
  • Shipping Weight: 2.0 pounds
  • Popular: 4.9 out of 5 stars

Description:

Author Harlan Carvey has brought his best-selling book up-to-date to give you, the responder, examiner, or analyst, the must-have tool kit for your job. Windows is the largest operating system on desktops and servers worldwide, which means more intrusions, malware infections, and cybercrime happen on these systems. Windows Forensic Analysis DVD Toolkit, 2E covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. The book is also accessible to system administrators, who are often the frontline when an incident occurs, but due to staffing and budget constraints do not have the necessary knowledge to respond effectively. The book’s companion DVD contains significant new and updated materials (movies, spreadsheet, code, etc.) not available any place else, because they are created and maintained by the author.

  • Best-Selling Windows Digital Forensic book completely updated in this 2nd Edition
  • Learn how to Analyze Data During Live and Post-Mortem Investigations
  • DVD Includes Custom Tools, Updated Code, Movies, and Spreadsheets!

Reviews:

“If your job requires investigating compromised Windows hosts, you must read Windows Forensic Analysis.”

-Richard Bejtlich, Coauthor of Real Digital Forensics and Amazon.com Top 500 Book Reviewer

“The Registry Analysis chapter alone is worth the price of the book.”

-Troy Larson, Senior Forensic Investigator of Microsoft’s IT Security Group

“I also found that the entire book could have been written on just registry forensics. However, in order to create broad appeal, the registry section was probably shortened. You can tell Harlan has a lot more to tell.”

-Rob Lee, Instructor and Fellow at the SANS Technology Institute, coauthor of Know Your Enemy: Learning About Security Threats, 2E

Price:

List Price: $69.95 Price: $47.08 You Save: $22.81


Computer Forensics and Cyber Crime: An Introduction

Computer Forensics and Cyber Crime: An Introduction (2nd Edition) by Marjie T. Britz

Details:

  • Paperback: 408 pages
  • Publisher: Prentice Hall; 2 edition (October 17, 2008)
  • Language: English
  • ISBN-10: 0132447495
  • ISBN-13: 978-0132447492
  • Product Dimensions: 9.1 x 6.9 x 0.9 inches
  • Shipping Weight: 1.2 pounds
  • Popular: 4.5 out of 5 stars

Description:

Completely updated in a new edition, this book fully defines computer-related crime and the legal issues involved in its investigation. Re-organized with different chapter headings for better understanding of the subject, it provides a framework for the development of a computer crime unit. Updated with new information on technology, this book is the only comprehensive examination of computer-related crime and its investigation on the market. It includes an exhaustive discussion of legal and social issues, fully defines computer crime, and provides specific examples of criminal activities involving computers, while discussing the phenomenon in the context of the criminal justice system. Computer Forensics and Cyber Crime 2e provides a comprehensive analysis of current case law, constitutional challenges, and government legislation. New to this edition is a chapter on Organized Crime & Terrorism and how it relates to computer related crime as well as more comprehensive information on Processing Evidence and Report Preparation. For computer crime investigators, police chiefs, sheriffs, district attorneys, public defenders, and defense attorneys.

Review:

“Computer Forensics and Cyber Crime: An Introduction should be a welcomed addition to all parents’ bookshelves.”

— Dr. Ed Whittle, Florida Metropolitan University, Tampa, F

“Computer Forensics and Cyber Crime: An Introduction likely constitute(s) the most definitive reference material on the subject of computer-related crime, cyber crime law, and computer crime investigation including the management and custody of evidence. Although the number of books prepared on the subject of computer-related crime and investigations has increased quite a bit in quantity and quality during the last two years, to my knowledge, they are not as thorough, comprehensive, and easy-to-read as this one …this text is far superior to any of those… This book could very well become the Bible for computer crime across the U.S. and possibly in Britain, Canada, and elsewhere too.”

— Scott Senja, Weber State University, Ogden, UT

“This is the most extensive and comprehensive text reviewed in our quest for appropriate material.”

— Karen Weston, Gannon University, Erie, PA

Price:

List Price: $65.20 Price: $49.52 You Save: $15.68


EnCase Computer Forensics

EnCase Computer Forensics (includes DVD): The Official EnCE: EnCase Certified Examiner Study Guide by Steve Bunting.

Details:

  • Paperback: 648 pages
  • Publisher: Sybex; 2 edition (December 5, 2007)
  • Language: English
  • ISBN-10: 0470181451
  • ISBN-13: 978-0470181454
  • Product Dimensions: 9.2 x 7.4 x 1.6 inches
  • Shipping Weight: 2.2 pounds

Description:

EnCE certification tells the world that you’ve not only mastered the use of EnCase Forensic Software, but also that you have acquired the in-depth forensics knowledge and techniques you need to conduct complex computer examinations. This official study guide, written by a law enforcement professional who is an expert in EnCE and computer forensics, provides the complete instruction, advanced testing software, and solid techniques you need to prepare for the exam.

Key topics include:

  • Understanding Computer Hardware. Understanding computer components, boot processes, partitions, and file systems, so you can explain them to a jury
  • First Response. What to do and how to follow procedures when first entering a scene
  • Acquisition of Digital Evidence. Creating EnCase boot disks; booting with EnCase boot disks; and drive-to-drive, network cable, FastBloc, Linen, and Enterprise acquisitions
  • EnCase Forensic Software Overview. Tour of EnCase environment including software, menus, and capabilities
  • Report Writing. Sample reports from real-life cases (names changed)
  • EnCase Legal Journal. Essential information on operating within the law and giving expert testimony

Price:

List Price: $69.99 Price: $35.28 You Save: $34.71


Computer Forensics: Principles and Practices

Computer Forensics: Principles and Practices by Linda Volonino, Reynaldo Anzaldua, Jana Godwin

Details:

  • Paperback: 552 pages
  • Publisher: Prentice Hall; 1 edition (August 31, 2006)
  • Language: English
  • ISBN-10: 0131547275
  • ISBN-13: 978-0131547278
  • Product Dimensions: 8.9 x 7.4 x 0.9 inches
  • Shipping Weight: 1.8 pounds

Description:

For introductory and intermediate courses in computer forensics, digital investigations, or computer crime investigation. By applying information systems, computer security, and criminal justice principles and practices to crime investigations and other legal actions, this text teaches students how to use forensically-sound methodologies and software to acquire admissible electronic evidence (e-evidence) with coverage of computer and email forensics, cell phone and IM forensics, and PDA and Blackberry forensics.

Review:

“I highly recommend this book for beginners and experienced forensics experts. It talks about all possible situations you could encounter from a technological and legal standpoint. This book really prepares you for how to be ready for the field and explains everything in a really friendly way. The book is a very easy read but is specific and isn’t vague like other books I have read. You can literally keep reading and not have to take a break.”

Computer Forensics: Principles and Practices is a great teaching tool for forensic investigators of all skill levels. For a beginner, the book takes you through the investigative process from A to Z and doesn’t leave out the more advanced and complicated processes of data carving, email reconstruction and mobile device analysis.

For the advanced user, there is plenty of information that is both relevant and useful, some of which you may not have seen before. I appreciated this most because of the specific processes outlined and the tools that were described. I am a big fan of books that can help you apply examples to your own processes, something this book does very well.

Everything from A to Z, this book provides excellent material focusing on process and step-by-step analysis using the latest tools available.

Price:

List Price: $105.33 Price: $84.53 You Save: $20.80
