Incident Response and Computer Forensics, Second Edition

Authors: Chris Prosise, Kevin Mandia, Matt Pepe
Publisher: McGraw-Hill/Osborne
Category: Book

List Price: $49.99
Buy New: $24.99
You Save: $25.00 (50%)




Avg. Customer Rating: 4.5 out of 5 stars 29 reviews
Sales Rank: 130893

Media: Paperback
Edition: 2
Number Of Items: 1
Pages: 507
Shipping Weight (lbs): 2.5
Dimensions (in): 9.1 x 7.2 x 1.3

ISBN: 007222696X
Dewey Decimal Number: 005
UPC: 783254041295
EAN: 9780072226966
ASIN: 007222696X

Publication Date: July 17, 2003

Editorial Reviews:

Amazon.com
A strong system of defenses will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Incident Response aims to teach you how to determine when an attack has occurred or is underway--they're often hard to spot--and show you what to do about it. Authors Kevin Mandia and Chris Prosise favor a tools- and procedures-centric approach to the subject, thereby distinguishing this book from others that catalog particular attacks and methods for dealing with each one. The approach is more generic, and therefore better suited to dealing with newly emerging attack techniques.

Anti-attack procedures are presented with the goal of identifying, apprehending, and successfully prosecuting attackers. The advice on carefully preserving volatile information, such as the list of processes active at the time of an attack, is easy to follow. The book is quick to endorse tools, the functionalities of which are described so as to inspire creative applications. Information on bad-guy behavior is top quality as well, giving readers knowledge of how to interpret logs and other observed phenomena. Mandia and Prosise don't--and can't--offer a foolproof guide to catching crackers in the act, but they do offer a great "best practices" guide to active surveillance. --David Wall

Topics covered: Monitoring computer systems for evidence of malicious activity, and reacting to such activity when it's detected. With coverage of Windows and Unix systems as well as non-platform-specific resources like Web services and routers, the book covers the fundamentals of incident response, processes for gathering evidence of an attack, and tools for making forensic work easier.

Product Description
Written by FBI insiders, this updated best-seller offers a look at the legal, procedural, and technical steps of incident response and computer forensics. Including new chapters on forensic analysis and remediation, and real-world case studies, this revealing book shows how to counteract and conquer today’s hack attacks.

Download Description
This is one of the first books available that explains what to do after you've been hacked. Written by FBI insiders, this book reveals the computer forensics process and offers authoritative solutions designed to counteract and conquer hacker attacks.


Customer Reviews:

5 out of 5 stars You must buy...   January 17, 2007
You must buy if you are a beginner, intermediate or advanced in forensic computers.


3 out of 5 stars Ok book but File System Forensic is better   May 24, 2006
 2 out of 3 found this review helpful

I liked this book, but it is scattered in its topics. A lot of the information can be found online, and the tools aren't what we use on a daily basis. I'm not sure if any of them are commercial tools in this book.

I liked File System Forensics by Brian Carrier better. Even though it had a smaller area to cover it provided a better introduction to the area and I could see how it could be used in a class better. Still, this book does have a lot of good content and makes a nice addition.



5 out of 5 stars Best incidence response book out   March 4, 2005
 6 out of 8 found this review helpful

This is no doubt the best incidence response book out. I highly recommend this for anyone either in the field, learning to get into the field, or running a small to medium sized company without a team of experts. My entire network admin team uses this as a reference at the side of their desk.


4 out of 5 stars Excellent basic reference   May 15, 2004
 11 out of 12 found this review helpful

I read the book in about three days and found it to be a good primer for one leaning towards computer forensics. While some of the technology and tools described in the book will undoubtedly change within the next few months, a lot of the basic principles will remain pertinent for a long time to come. I heartily recommend this book for anyone with more than just a casual interest in Computer Security.


5 out of 5 stars The Very Best Computer Forensics Primer Out There (1/04)   January 22, 2004
 14 out of 16 found this review helpful

As an attorney and a formally-trained computer forensics examiner and instructor who has been tilling the fields of digital evidence for some time, I'm always on the prowl for the next great computer forensics tool or text that's going to help me find the next smoking gun...or at least be confident I haven't overlooked it. I've built a substantial library of books and articles on computer forensics, some very good and some a complete waste of money. But, this book is the best of the best.

From its step-by-step detail of the forensic process to its copious and helpful illustrations and screen shots to its unvarnished discussion of the tools in the marketplace, the second edition of Incident Response and Computer Forensics is, for my money, the most valuable resource any computer forensic examiner could have on their shelf. Many of the techniques and shortcuts detailed are "trade secrets" in that I've never seen them described in print. Unlike other forensic guides that assume the reader owns a costly forensic software suite, this book fairly splits its emphasis between Linux tools, shareware and the best software packages. That means the reader can begin the learning process at once, without investing anything more than their time and interest.

Another strength is that the book neither presupposes a too-high level of knowledge or experience nor dumbs down its content such that an expert wouldn't derive any value. There's something here for everyone who cares about computer forensics, from the neophyte to the grizzled veteran. When I paid $50.00 for this tome at a big box bookstore, I worried I was paying too much. Now, I'd think it cheap at twice the price.

As another reviewer pointed out, it doesn't devote a chapter to the law, but that is not to say that legal considerations are ignored. To the contrary, I think the authors do an excellent job of giving a useful "heads-up" where needed and not moving out of their depth.

I don't know these guys, but I'd sure like to shake their hands for a job well done! Thanks.

Craig Ball is an attorney and certified computer forensic examiner based in Montgomery, Texas, who teaches and consults with attorneys and the courts on matters of computer forensics and electronic discovery.
