Computer Forensics: Incident Response Essentials
Authors: Warren G. Kruse, Jay G. Heiser Publisher: Addison-Wesley Professional Category: Book
Media: Paperback Number Of Items: 1 Pages: 416 Shipping Weight (lbs): 1.4 Dimensions (in): 9.1 x 7.3 x 0.9
ISBN: 0201707195 Dewey Decimal Number: 005.8 UPC: 785342707199 EAN: 9780201707199 ASIN: 0201707195
Publication Date: October 6, 2001
Editorial Reviews:
Amazon.com Review
Computer security is a crucial aspect of modern information management, and one of the latest buzzwords is incident response--detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did, and hopefully find out who they are. There is little doubt that the authors are serious about cyberinvestigation. They advise companies to "treat every case like it will end up in court," and although this sounds extreme, it is good advice.
Upon detecting a malicious attack on a system, many system administrators react instinctively. This often involves fixing the problem with minimal downtime, then providing the necessary incremental security to protect against an identical attack. The authors warn that this approach often contaminates evidence and makes it difficult to track the perpetrator. This book describes how to maximize system uptime while protecting the integrity of the "crime scene."
The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a "white hat" hacker in order to combat the criminal "black hat" hackers. The message is clear: if you're not smart enough to break into someone else's system, you're probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise in Unix/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and to probe your own systems.
The authors explain their investigative techniques via a number of real-world anecdotes. It is striking that many of the same hacks detailed in Cliff Stoll's classic The Cuckoo's Egg are still in use over 10 years later--both on the criminal and investigative fronts. It is up to individual companies whether or not to pursue each attempted security violation as a potential criminal case, but Computer Forensics provides a strong argument to consider doing so. --Pete Ostenson
Topics covered: Overview of computer crime investigative response, including extensive descriptions of hacking techniques. Frequent examples are used to demonstrate how to extract evidence from a violated computer system. Appendices include sample incident-response forms.
Product Description: Written by two experts in digital investigation, this book provides extensive information on how to handle the computer as evidence. Softcover.
Customer Reviews:
Computer Forensics May 21, 2007
This book is good for those not familiar with computers. It keeps the material at a high level for the layman. Do not purchase if you are intending to receive in-depth, technical analysis and techniques for training as a professional investigator. If you are just trying to gain an overview of the topic, this book should fulfill your requirements. It does a good job of directing the reader to appropriate external resources and tools to perform the forensic tasks the book discusses.
Great for general computer forensics information March 3, 2005 5 out of 5 found this review helpful
Computer Forensics, Incident Response Essentials, is a great book for two groups of people:
1) All computer forensics investigators looking for a better description of the process of collecting and analyzing data. The book provides great descriptions of the methods for maintaining chain of custody and storage. This is done through the use of example forms and scenarios. Since evidence handling principles are easily overlooked, this book seeks to provide pragmatic techniques for proper evidence preservation.
2) Someone interested in learning what computer forensics is about. This book is great at providing a high-level description of what computer forensics is used for and how it works. The book does not go into intricate detail on any one software package. Instead, it provides you with a great overview description of numerous software packages and tools. By doing this, the reader can attain a better understanding of what value computer forensics can provide. Since the field is relatively new, it is important for people to understand what computer forensics is capable of.
I highly recommend this book if you are just getting into the field, or if you are tired of reading books that continually tout EnCase as the only solution. This book is a critical addition to any computer forensic investigator's library.
Good Introduction to Computer Forensics Investigations February 6, 2005 1 out of 1 found this review helpful
This book is a couple years old now, but the fundamentals remain essentially the same. Kruse and Heiser are seasoned experts in computer forensics and incident response and they have managed to boil down years of knowledge and experience into a format that is easy to read and understand. While security experts may not learn anything new from this book, those entering the field will find it invaluable. It is comprehensive and detailed while remaining easy to read. The foundation provided by reading and understanding this book can be used to move forward into more technical areas. Computer Forensics is not fluff by any means though and could easily be kept nearby as a handy reference for a computer forensic investigation.
(...)
Great book! December 31, 2004 1 out of 3 found this review helpful
Very readable and interesting.
The authors really know what they are talking about.
Very complete. October 3, 2003 2 out of 9 found this review helpful
This book presents, in very clear language, the essentials of searching for digital evidence. The cover is in fact very representative of the content, as the forensic sciences, and in particular those relating to computers, are taking on ever greater importance. Readers will find in the Guide du Cyberdetective, published by Editions Chiron, practical applications of these investigations in everyday life. The two works complement each other, although the latter currently exists only in French.