What do you think?
Rate this book
Real Digital Forensics: Computer Security and Incident Response by Keith J. Jones (23-Sep-2005) Paperback
You can't succeed in the field of computer forensics without hands-on practice--and you can't get hands-on practice without real forensic data. The Real Digital Forensics. In this book, a team of world-class computer forensics experts walks you through six detailed, highly realistic investigations and provides a DVD with all the data you need to follow along and practice. From binary memory dumps to log files, this DVD's intrusion data was generated by attacking live systems using the same tools and methods real-world attackers use. The evidence was then captured and analyzed using the same tools the authors employ in their own investigations. This book relies heavily on open source tools, so you can perform virtually every task without investing in any commercial software. You'll investigate environments ranging from financial institutions to software companies and crimes ranging from intellectual property theft to SEC violations. As you move step by step through each investigation, you'll discover practical techniques for overcoming the challenges forensics professionals face most often.Inside, you will find in-depth information on the following * Responding to live incidents in both Windows and Unix environments * Determining whether an attack has actually occurred * Assembling a toolkit you can take to the scene of a computer-related crime * Analyzing volatile data, nonvolatile data, and files of unknown origin * Safely performing and documenting forensic duplications * Collecting and analyzing network-based evidence in Windows and Unix environments * Reconstructing Web browsing, e-mail activity, and Windows Registry changes * Tracing domain name ownership and the source of e-mails * Duplicating and analyzing the contents of PDAs and flash memory devices The accompanying DVD contains several gigabytes of compressed data generated from actual intrusions. This data mirrors what analysts might find in real investigations and allows the reader to learn about forensic investigations in a realisticsetting. A(c) Copyright Pearson Education. All rights reserved.
Unknown Binding
First published October 3, 2005
7 people are currently reading
224 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 4 of 4 reviews
May 7, 2017
I love how old this book is and yet how relevant those topics are today.
Incident Response is way more important today than back then, but it blows my mind that some people started doing it way back before it became mainstream. Truly pioneers of the field.
It is a practical, hands-on DFIR book, however most of the tools is outdated. This is expected for any technical books, that focus on tools.
It is still useful and relevant today since methods largely the same, so worth a read anyway. You just have to find a tools yourself.
Incident Response is way more important today than back then, but it blows my mind that some people started doing it way back before it became mainstream. Truly pioneers of the field.
It is a practical, hands-on DFIR book, however most of the tools is outdated. This is expected for any technical books, that focus on tools.
It is still useful and relevant today since methods largely the same, so worth a read anyway. You just have to find a tools yourself.
July 18, 2007
If you want a book which will SHOW, and not just tell you, how to do forensics on Windows and Linux as well as network forensics and malware analysis, this is the book for you. Written by definite experts in the industry.
I would normally give this a 5, but there are a few minor typos which spoiled it for me. They also left out a few explanations which I thought should be in there. Still worth having on your bookshelf.
I would normally give this a 5, but there are a few minor typos which spoiled it for me. They also left out a few explanations which I thought should be in there. Still worth having on your bookshelf.
June 25, 2014
Good practical tools - fairly easy to read and understand - not a whole lot of concepts; this was mainly a "how-to" guide on a lot of related, but independent tools & processes.
August 21, 2018
Dry, but full of good information.
Displaying 1 - 4 of 4 reviews