Computer Forensics: Incident Response Essentials et plus d'un million d'autres livres sont disponibles pour le Kindle d'Amazon. En savoir plus
  • Tous les prix incluent la TVA.
Il ne reste plus que 5 exemplaire(s) en stock (d'autres exemplaires sont en cours d'acheminement).
Expédié et vendu par Amazon.
Emballage cadeau disponible.
Quantité :1
Computer Forensics: Incid... a été ajouté à votre Panier
+ EUR 2,99 (livraison)
D'occasion: Bon | Détails
Vendu par worldofbooksfr
État: D'occasion: Bon
Commentaire: The book has been read but remains in clean condition. All pages are intact and the cover is intact. Some minor wear to the spine.
Vous l'avez déjà ?
Repliez vers l'arrière Repliez vers l'avant
Ecoutez Lecture en cours... Interrompu   Vous écoutez un extrait de l'édition audio Audible
En savoir plus
Voir les 2 images

Computer Forensics: Incident Response Essentials (Anglais) Broché – 26 septembre 2001


Voir les 2 formats et éditions Masquer les autres formats et éditions
Prix Amazon Neuf à partir de Occasion à partir de
Format Kindle
"Veuillez réessayer"
Broché
"Veuillez réessayer"
EUR 46,64
EUR 29,65 EUR 2,24

Offres spéciales et liens associés


Descriptions du produit

Quatrième de couverture

Every computer crime leaves tracks—you just have to know where to find them. This book shows you how to collect and analyze the digital evidence left behind in a digital crime scene.

Computers have always been susceptible to unwanted intrusions, but as the sophistication of computer technology increases so does the need to anticipate, and safeguard against, a corresponding rise in computer-related criminal activity.

Computer forensics, the newest branch of computer security, focuses on the aftermath of a computer security incident. The goal of computer forensics is to conduct a structured investigation to determine exactly what happened, who was responsible, and to perform the investigation in such a way that the results are useful in a criminal proceeding.

Written by two experts in digital investigation, Computer Forensics provides extensive information on how to handle the computer as evidence. Kruse and Heiser walk the reader through the complete forensics process—from the initial collection of evidence through the final report. Topics include an overview of the forensic relevance of encryption, the examination of digital evidence for clues, and the most effective way to present your evidence and conclusions in court. Unique forensic issues associated with both the Unix and the Windows NT/2000 operating systems are thoroughly covered.

This book provides a detailed methodology for collecting, preserving, and effectively using evidence by addressing the three A's of computer forensics:

  • Acquire the evidence without altering or damaging the original data.
  • Authenticate that your recorded evidence is the same as the original seized data.
  • Analyze the data without modifying the recovered data.

Computer Forensics is written for everyone who is responsible for investigating digital criminal incidents or who may be interested in the techniques that such investigators use. It is equally helpful to those investigating hacked web servers, and those who are investigating the source of illegal pornography.



0201707195B09052001

Biographie de l'auteur



0201707195AB05232001




Détails sur le produit


En savoir plus sur l'auteur

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Dans ce livre

(En savoir plus)
Parcourir les pages échantillon
Couverture | Copyright | Table des matières | Extrait | Index
Rechercher dans ce livre:

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur Amazon.fr
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles

Commentaires client les plus utiles sur Amazon.com (beta)

Amazon.com: 23 commentaires
59 internautes sur 64 ont trouvé ce commentaire utile 
Suitable for newbie incident responders or non-IT staff 9 octobre 2001
Par Richard Bejtlich - Publié sur Amazon.com
Format: Broché
I am a senior engineer for network security operations. I read "Computer Forensics: Incident Response Essentials" (CFIRE) because I am responsible for performing intrusion detection and incident response on a daily basis. Those with similar skills will probably consider CFIRE too basic. Those working outside the information technology world may find CFIRE enlightening.

I'm a graduate of the SANS System Forensics, Investigation, and Response course and have read "Incident Response: Investigating Computer Crime" (IRICC) by Mandia, Prosise, and Pepe. In my opinion, CFIRE does not offer any new or truly significant material. For example, chapter 2 ("Tracking an Offender") offers several pages on how to find the headers in Outlook messages. Elsewhere, one discovers very elementary information on UNIX commands, searching Windows hard drives, and understanding UNIX file systems. All of this appears in other books or is common knowledge for IT staff.

I was disappointed that the impressive reviewer list did not detect several errors. As a fairly young network engineer, I still recognized this mistake on page 32: "When you dial to an ISP with a modem, you might use a layer 3 protocol called Point to Point Protocol (PPP). Referring back to Figure 2-1, layer 3 is the network layer, and in the case of a dial-up connection, PPP replaces IP." Untrue -- PPP is actually a layer 2 protocol; IP is used above PPP. Furthermore, figure 2-1 on page 24 presents numerous problems: NetBEUI spans layers 3 to 5 (not 3 to 4), web browsers and email clients do not belong at layer 7 (they are applications which call layer 7 protocols), and so on. Also, page 121 claims "you cannot delete an alternate stream from the command line." However, page 193 of "Hacking Exposed: Windows 2000" demonstrates how to remove streams.

On the positive side, CFIRE will probably not scare non-IT staff. They will probably find the numerous tables, screen shots, and references useful. This book could be viewed as a gentle introduction to the incident response and forensics field, especially for the Microsoft Windows crowd.

Two types of staff wear "computer forensics" hats. The first type investigate misuse of computers, typically by authorized personnel. This group is happy to know how to image a drive and search the copy for signs of illicit images or software. The second type investigates compromises, where unknown (usually remote) parties have penetrated a network and used machines for their own purposes. This group will be unsatisfied when CFIRE states on page 132 "we don't anticipate that most readers of this book will become this specialized." If you need that deep level of knowledge, read "Incident Response: Investigating Computer Crime."

(Disclaimer: The publisher provided a free review copy.)
27 internautes sur 28 ont trouvé ce commentaire utile 
Excellent introduction to the basics 13 avril 2002
Par Mike Tarrani - Publié sur Amazon.com
Format: Broché
The authors, both of whom have impeccable credentials, have managed to distill a complex subject into a book that can be understood by anyone with intermediate-level computer skills. More importantly, computer forensics is a relatively new sub discipline of IT security, making this book important in that there are few books on the topic.
I'll start with the beginning and end of the book, each of which are focused on legal aspects of forensics. The book begins by explaining what forensics is, and giving a three-step process that covers the essentials at a high level: (1) acquire evidence, (2) authenticate it, and (3) analyze it. Although this process is presented at a high level, important details, such as the importance of establishing and maintaining a chain of custody, how to collect and document evidence and key issues to consider when presenting the evidence in court are covered. This discussion is picked up again in Chapter 12, Introduction to the Criminal Justice System, in which applicable laws, advice on dealing with law enforcement agencies, and the distinction between criminal and civil cases are discussed. There is sufficient detail and pointers to put sources of information to arm you with the bare essentials.
Between the opening chapter and Chapter 12 described above are chapters devoted to basic techniques and procedures for tracing email, specific operating system issues (the book deals with UNIX and Windows), encryption, codes and compression and other common challenges an investigator will face. The material is not overly technical, and is presented in easy-to-understand prose. Anyone who works as a network or system administrator, provides desktop support, or is an advanced end user will have no problems following the techniques that are presented or the underlying technical details. If you're seeking an advanced text this book will probably disappoint you, although there is sure to be some new trick or fact that you'll learn. For example, I have over 25 years of IT experience and was fascinated by the discussion of steganography (an information hiding technique). There were other chapters that I quickly skimmed because I was well-versed in the subject matter.
What I like about the book is the easy approach, which makes it easy to develop the fundamental skills necessary to perform forensics. The few other papers and books on the subject are far more advanced and the learning curve is a barrier. This book will give the new security investigator a foothold in the topic upon which he or she can build. I especially liked the appendices, which provide an excellent framework for incident response. One of the best features is the detailed roles and responsibilities, which are well thought out and reinforce the axiom that security is everyone's business. Another outstanding feature is the flowcharts for various incident types, such as denial of service, hostile code, etc. These can be used verbatim in a security policies and procedures manual, as can the incident response form provided in Appendix B. I also liked the valuable URLs provided throughout the book. I knew of many, but was surprised to find invaluable resources that I didn't know about.
Even though much of this book presented information I already knew, I still enjoyed reading it because I picked up facts that I didn't previously know, and was reminded of legal aspects of forensics and security that I'd forgotten. The appendices alone make this worthwhile to even advanced readers, and the fact that it provides an entry point into forensics for new practitioners makes this book invaluable as a training tool and vehicle for professional growth.
18 internautes sur 18 ont trouvé ce commentaire utile 
A Much Needed Primer 26 novembre 2001
Par James Sibley - Publié sur Amazon.com
Format: Broché
As a high technology crimes prosecutor in Silicon Valley, this book is just what I've been waiting for. While not an exhaustive treatise on the minutia of computer systems and forensic tools, the authors provide a comprehensive overview of investigative approaches, tools, and techniques desperately needed in the field. This book should be a must read for investigators (public and private), attorneys, and system administrators, as well as corporate management responsible for overseeing either personnel, or the security of network infrastructure and information assets. Both an excellent primer on the developing field of computer forensics and a good resource from which to launch more in depth research into a specific area in the field. While many of the previous works in this field proved to be either uninformative cursory overviews or mind numbing forays into the depths of the arcane, the authors have struck a good balance that makes for an enjoyable and informative read. Not the end all, be all of computer crime investigation, but a damn fine starting point.
13 internautes sur 13 ont trouvé ce commentaire utile 
Outstanding book on forensics 5 mai 2002
Par Zizzed - Publié sur Amazon.com
Format: Broché Achat vérifié
This is an outstanding book. Well written, very educational. If you're tasked with handling computer security incidents, you'll want to have a copy of this book on your bookshelf. The first chapter is an outstanding quick overview of the entire scope of incident response.
11 internautes sur 11 ont trouvé ce commentaire utile 
Easy to read and understand style applied to complex issues. 17 octobre 2001
Par Cynthia Hetherington - Publié sur Amazon.com
Format: Broché
As the title indicates this text is one of the "essentials." When it comes to crimes committed with and by the computer, it is no easy task to train and relate the process. Kruse and Heiser, in clear no nonsense language have relayed the complexities of forensic examination quiet well. Computer Forensics is a fundamental guide that takes on the task of describing the process, details and intricacies including the societal and legal aspects. (a point often missed by technical writers)
This is a must read for technologists familiar with computer and network operations, but unfamiliar with computer crime issues. On the other side of the coin, a user new to this arena will benefit greatly with their start to finish approach in each chapter.
This book is perfect for a classroom environment and as a reference work.
Ces commentaires ont-ils été utiles ? Dites-le-nous


Commentaires

Souhaitez-vous compléter ou améliorer les informations sur ce produit ? Ou faire modifier les images?