Vous voulez voir cette page en français ? Cliquez ici.


or
Sign in to turn on 1-Click ordering.
More Buying Choices
Have one to sell? Sell yours here
Search inside this book
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Incident Response: Computer Forensics Toolkit [Paperback]

Douglas Schweitzer (Author)
4.4 out of 5 stars  See all reviews (8 customer reviews)
List Price: CDN$ 53.99
Price: CDN$ 34.01 & this item ships for FREE with Super Saver Shipping. Details
You Save: CDN$ 19.98 (37%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Usually ships within 1 to 3 weeks.
Ships from and sold by Amazon.ca. Gift-wrap available.

Book Description

Publication Date: April 18 2003
* Incident response and forensic investigation are the processes of detecting attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks
* This much-needed reference covers the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and working with law enforcement
* Details how to detect, collect, and eradicate breaches in e-mail and malicious code
* CD-ROM is packed with useful tools that help capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained

Product Details

Product Description

From the Back Cover

Your in-depth guide to detecting network breaches, uncovering evidence, and preventing future attacks

Whether it’s from malicious code sent through an e-mail or an unauthorized user accessing company files, your network is vulnerable to attack. Your response to such incidents is critical. With this comprehensive guide, Douglas Schweitzer arms you with the tools to reveal a security breach, gather evidence to report the crime, and conduct audits to prevent future attacks. He also provides you with a firm understanding of the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and how to work with law enforcement.

You’ll learn how to:

  • Recognize the telltale signs of an incident and take specific response measures
  • Search for evidence by preparing operating systems, identifying network devices, and collecting data from memory
  • Analyze and detect when malicious code enters the system and quickly locate hidden files
  • Perform keyword searches, review browser history, and examine Web caches to retrieve and analyze clues
  • Create a forensics toolkit to prop-erly collect and preserve evidence
  • Contain an incident by severing network and Internet connections, and then eradicate any vulnerabilities you uncover
  • Anticipate future attacks and monitor your system accordingly
  • Prevent espionage, insider attacks, and inappropriate use of the network
  • Develop policies and procedures to carefully audit the system

CD-ROM includes:

  • Helpful tools to capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained
  • Valuable checklists developed by the author for all aspects of incident response and handling

About the Author

DOUGLAS SCHWEITZER is an Internet security specialist and authority on malicious code and computer forensics. He is a Cisco Certified Network Associate and Certified Internet Webmaster Associate, and holds A+, Network+, and i-Net+ certifications. Schweitzer is also the author of Internet Security Made Easy and Securing the Network from Malicious Code.
Inside This Book (Learn More)
First Sentence
THE HI-TECH REVOLUTION SWEEPING THE GLOBE in communications and information technology has truly made the world a smaller place. Read the first page
Explore More
Concordance
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

4.4 out of 5 stars
8 reviews
4.4 out of 5 stars
Most helpful customer reviews
4.0 out of 5 stars Readable and relevant - but US-centric Mar 26 2004
By Edgar
Format:Paperback
The introduction describes this book as a "complete introductory course in basic computer forensics and incident response" and that is indeed the case. It begins with an overview of computer forensics and incident response in Chapter 1 and progresses to legal considerations, obtaining and preserving digital evidence, system internals (mostly Windows although Unix is also discussed) and ends with analysis of real-world attacks and possible defences in Chapter 12. Press references and citations are used to give the big picture. All in all this is a book which I would recommend with two "buts": first, the author is writing from a US perspective for a US reader, presenting and discussing US-specific legislation and legal issues; while this would be of direct interest to our US-based brethren it is of no much use to anyone else. Second, platform-dependent coverage is mostly Windows, and although Linux/Unix get mentioned throughout the book the coverage of UNIX internals and forensics is not on par with Windows counterparts. Having said this, if you are in the US and are using Windows, do get this book - it is a readable and straight introduction to a complex and interesting field which becomes more and more important.

Edgar Danielyan, CISSP
Author, SOLARIS 8 SECURITY and INFORMATION SECURITY QUALIFICATIONS HANDBOOK
[...]

Was this review helpful to you?
Yes
No
2.0 out of 5 stars Fair introductory text, could be much better. Jan 24 2004
By Tom Grozny
Format:Paperback
The author covers different aspects of incident response, but fails to go deeper in the matter.

The author talks briefly about types of attacks, briefly about forensics tools, and briefly about the incident response procedures. Such shallow coverage of the topics makes for a quite dissappointing read.

On the other hand he offers the readers complete text of USA Patriot Act 2001 - with little discussion of its implications, privacy concerns and its impact on the organizational security! Readers also get treated to full texts of Janet Renot(sp?) speeches - also with little explanation. Seems he tried to increase the word count of the book.

Forensics tools are mentioned with instructions to run them starting as "Step 1:Click the Start menu button". Every tool has a half a page description on how to start it with a screenshot taking up the rest of the page.

Forensics techniques are described, but the author presents this quite technical material in the abstract, easy-to-read form that takes away all the usefullness of it - reads like a summary.

Incident response chapters present the reader with the common sense material. Might be useful to get an idea of what is involved in developing a incident response process, but it's hard to find it practical - it's simply too general.

A fair introductory book, could be much better.

Was this review helpful to you?
Yes
No
5.0 out of 5 stars Timely and worthwhile! Jan 23 2004
By Marcus J. Ranum
Format:Paperback
This book gives the reader a solid grounding in a difficult field. Since forensics and response are an area where you're up against a creative enemy, it's impossible to give the reader a cookbook approach. Schweitzer gives the reader the tools and framework necessary to begin tackling this very difficult problem. I'm really happy to see this book available on the market, since the problem it addresses is one that's getting worse all the time and shows no sign of getting better soon.

Good job, Doug!

mjr.

Was this review helpful to you?
Yes
No
Want to see more reviews on this item?

    Your Shopping Cart is empty.

    Give it purpose—fill it with books, DVDs, clothes, electronics, and more.

    If you already have an account, sign in.

    View Cart (0 items)

      Listmania!

      Create a Listmania! list

      Look for similar items by category

      Feedback

      Would you like to update product info or give feedback on images?

      Amazon.ca Privacy Statement Amazon.ca Shipping Information Amazon.ca Returns & Exchanges