Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit (Paperback)

Ryan R. Kubasiak, Sean Morrissey

  • 出版商: Syngress Media
  • 出版日期: 2008-12-08
  • 定價: $1,920
  • 售價: 5.0$960
  • 語言: 英文
  • 頁數: 551
  • 裝訂: Paperback
  • ISBN: 1597492973
  • ISBN-13: 9781597492973
  • 相關分類: MAC OS 蘋果電腦
  • 立即出貨(限量) (庫存=4)

買這商品的人也買了...

商品描述

This book and companion DVD provide digital forensic investigators, security professionals, and law enforcement with all of the information, tools, and utilities required to conduct forensic investigations of computers running any variant of the Macintosh OS X operating system, as well as the almost ubiquitous iPod and iPhone. Digital forensic investigators and security professionals subsequently can use data gathered from these devices to aid in the prosecution of criminal cases, litigate civil cases, audit adherence to federal regulatory compliance issues, and identify breech of corporate and government usage policies on networks. The companion DVD contains custom tools developed by the authors, which can be used in real-life digital forensic investigations.

MAC Disks, Partitioning, and HFS+ File System Manage multiple partitions on a disk, and understand how the operating system stores data.
FileVault and Time Machine Decrypt locked FileVault files and restore files backed up with Leopard's Time Machine.
Recovering Browser History Uncover traces of Web-surfing activity in Safari with Web cache and .plist files
Recovering Email Artifacts, iChat, and Other Chat Logs Expose communications data in iChat, Address Book, Apple's Mail, MobileMe, and Web-based email.
Locating and Recovering Photos Use iPhoto, Spotlight, and shadow files to find artifacts pof photos (e.g., thumbnails) when the originals no longer exist.
Finding and Recovering QuickTime Movies and Other Video Understand video file formats--created with iSight, iMovie, or another application--and how to find them.
PDF, Word, and Other Document Recovery Recover text documents and metadata with Microsoft Office, OpenOffice, Entourage, Adobe PDF, or other formats.
Forensic Acquisition and Analysis of an iPod Documentseizure of an iPod model and analyze the iPod image file and artifacts on a Mac.
Forensic Acquisition and Analysis of an iPhone Acquire a physical image of an iPhone or iPod Touch and safely analyze without jailbreaking.

* Companion DVD Contains Custom Materials )Movies, Spreadsheet, Code, Utilities, Etc.) That Can Be Used in a Real Digital Forensic Investigation
* Includes Unique Information about Mac OS X, iPod, iMac, and iPhone Forensic Analysis Unavailable Anywhere Else
* Authors Are Pioneering Researchers in the Field of Macintosh Forensics, with Combined Experience in Law Enforcement, Military, and Corporate Forensics

商品描述(中文翻譯)

本書及附帶的DVD提供數位鑑識調查人員、安全專業人員和執法人員所需的所有資訊、工具和實用程式,以進行任何變體的Macintosh OS X作業系統、幾乎無所不在的iPod和iPhone的數位鑑識調查。隨後,數位鑑識調查人員和安全專業人員可以使用從這些設備中收集的數據,協助起訴刑事案件、訴訟民事案件、審計遵守聯邦監管合規問題,並識別網絡上違反企業和政府使用政策的行為。附帶的DVD包含作者開發的自定義工具,可在實際的數位鑑識調查中使用。

MAC磁碟、分割和HFS+檔案系統:管理磁碟上的多個分割,並了解作業系統如何儲存資料。
FileVault和Time Machine:解密被鎖定的FileVault檔案,並還原使用Leopard的Time Machine備份的檔案。
恢復瀏覽器歷史:使用Web快取和.plist檔案在Safari中找到網頁瀏覽活動的痕跡。
恢復電子郵件文物、iChat和其他聊天記錄:揭示iChat、通訊錄、蘋果郵件、MobileMe和基於網頁的電子郵件中的通訊數據。
尋找和恢復照片:使用iPhoto、Spotlight和陰影檔案在原始檔案不存在時找到照片的文物(例如縮圖)。
尋找和恢復QuickTime電影和其他影片:了解使用iSight、iMovie或其他應用程式創建的影片檔案格式,以及如何找到它們。
PDF、Word和其他文件恢復:使用Microsoft Office、OpenOffice、Entourage、Adobe PDF或其他格式恢復文字文件和元資料。
iPod的鑑識取證和分析:記錄iPod型號的扣押,並在Mac上分析iPod映像檔和文物。
iPhone的鑑識取證和分析:取得iPhone或iPod Touch的實體映像,並在不越獄的情況下進行安全分析。

* 附帶的DVD包含可用於實際數位鑑識調查的自定義材料(電影、試算表、程式碼、實用程式等)。
* 提供關於Mac OS X、iPod、iMac和iPhone鑑識分析的獨特資訊,其他地方無法取得。
* 作者是Macintosh鑑識領域的先驅研究人員,具有執法、軍事和企業鑑識的綜合經驗。