"Don't look now, but your fingerprints are all over the cover of
this book. Simply picking it up off the shelf to read the cover has
left a trail of evidence that you were here.
"If you think book covers are bad, computers are worse. Every time
you use a computer, you leave elephant-sized tracks all over it. As
Dan and Wietse show, even people trying to be sneaky leave evidence
all over, sometimes in surprising places.
"This book is about computer archeology. It's about finding out
what might have been based on what is left behind. So pick up a
tool and dig in. There's plenty to learn from these masters of
computer security."
--Gary McGraw, Ph.D., CTO, Cigital, coauthor of "Exploiting
Software" and "Building Secure Software"
"A wonderful book. Beyond its obvious uses, it also teaches a
great deal about operating system internals."
--Steve Bellovin, coauthor of "Firewalls and Internet Security,
Second Edition," and Columbia University professor
"A must-have reference book for anyone doing computer forensics.
Dan and Wietse have done an excellent job of taking the guesswork
out of a difficult topic."
--Brad Powell, chief security architect, Sun Microsystems,
Inc.
"Farmer and Venema provide the essential guide to 'fossil' data.
Not only do they clearly describe what you can find during a
forensic investigation, they also provide research found nowhere
else about how long data remains on disk and in memory. If you ever
expect to look at an exploited system, I highly recommend reading
this book."
--Rik Farrow, Consultant, author of "Internet Security for Home
and Office"
"Farmer and Venema do for digital archaeology what Indiana Jones
did for historical archaeology. "Forensic Discovery" unearths hidden
treasures in enlightening and entertaining ways, showing how a
time-centric approach to computer forensics reveals even the
cleverest intruder."
--Richard Bejtlich, technical director, ManTech CFIA, and author
of "The Tao of Network Security Monitoring"
"Farmer and Venema are 'hackers' of the old school: They delight
in understanding computers at every level and finding new ways to
apply existing information and tools to the solution of complex
problems."
--Muffy Barkocy, Senior Web Developer, Shopping.com
"This book presents digital forensics from a unique perspective
because it examines the systems that create digital evidence in
addition to the techniques used to find it. I would recommend this
book to anyone interested in learning more about digital evidence
from UNIX systems."
--Brian Carrier, digital forensics researcher, and author of "File
System Forensic Analysis"

The Definitive Guide to Computer Forensics: Theory and Hands-On Practice
Computer forensics--the art and science of gathering and
analyzing digital evidence, reconstructing data and attacks, and
tracking perpetrators--is becoming ever more important as IT and
law enforcement professionals face an epidemic in computer crime.
In Forensic Discovery, two internationally recognized experts
present a thorough and realistic guide to the subject.
Dan Farmer and Wietse Venema cover both theory and hands-on
practice, introducing a powerful approach that can often recover
evidence considered lost forever.
The authors draw on their extensive firsthand experience to
cover everything from file systems, to memory and kernel hacks, to
malware. They expose a wide variety of computer forensics myths that
often stand in the way of success. Readers will find extensive
examples from Solaris, FreeBSD, Linux, and Microsoft Windows, as
well as practical guidance for writing one's own forensic tools.
The authors are singularly well-qualified to write this book: They
personally created some of the most popular security tools ever
written, from the legendary SATAN network scanner to the powerful
Coroner's Toolkit for analyzing UNIX break-ins.
After reading this book you will be able to:
- Understand essential forensics concepts: volatility, layering, and trust
- Gather the maximum amount of reliable evidence from a running system
- Recover partially destroyed information--and make sense of it
- Timeline your system: understand what really happened when
- Uncover secret changes to everything from system utilities to kernel modules
- Avoid cover-ups and evidence traps set by intruders
- Identify the digital footprints associated with suspicious activity
- Understand file systems from a forensic analyst's point of view
- Analyze malware--without giving it a chance to escape
- Capture and examine the contents of main memory on running systems
- Walk through the unraveling of an intrusion, one step at a time
The book's companion Web site contains complete source and
binary code for open source software discussed in the book, plus
additional computer forensics case studies and resource
links.