Real Digital Forensics: Computer Security and Incident Response

Keith J. Jones, Richard Bejtlich, Curtis W. Rose

  • 出版商: Addison-Wesley Professional
  • 出版日期: 2005-10-03
  • 售價: $2,112
  • 語言: 英文
  • 頁數: 688
  • 裝訂: Paperback
  • ISBN: 0321240693
  • ISBN-13: 9780321240699

立即出貨

買這商品的人也買了...

商品描述

Table of Contents:

Preface.

Acknowledgments.

About the Authors.

Case Studies.

I. LIVE INCIDENT RESPONSE.

 1. Windows Live Response.

 2. Unix Live Response.

II. NETWORK-BASED FORENSICS.

 3. Collecting Network-Based Evidence.

 4. Analyzing Network-Based Evidence for a Windows Intrusion.

 5. Analyzing Network-Based Evidence for a Unix Intrusion.

III. ACQUIRING A FORENSIC DUPLICATION.

 6. Before You Jump Right In…

 7. Commercial-Based Forensic Duplications.

 8. Noncommercial-Based Forensic Duplications.

IV. FORENSIC ANALYSIS TECHNIQUES.

 9. Common Forensic Analysis Techniques.

10. Web Browsing Activity Reconstruction.

11. E-Mail Activity Reconstruction.

12. Microsoft Windows Registry Reconstruction.

13. Forensic Tool Analysis: An Introduction to Using Linux for Analyzing Files of Unknown Origin.

14. Forensic Tool Analysis: A Hands-On Analysis of the Linux File aio.

15. Forensic Tool Analysis: Analyzing Files of Unknown Origin (Windows).

V. CREATING A COMPLETE FORENSIC TOOL KIT.

16. Building the Ultimate Response CD.

17. Making Your CD-ROM a Bootable Environment.

VI. MOBILE DEVICE FORENSICS.

18. Forensic Duplication and Analysis of Personal Digital Assistants.

19. Forensic Duplication of USB and Compact Flash Memory Devices.

20. Forensic Analysis of USB and Compact Flash Memory Devices.

VII. ONELINE-BASED FORENSCIS.

21. Tracing E-Mail.

22. Domain Name Ownership.

Appendix: An Introduction to Perl.

Index.