Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes
Author: Albert J. Marcella Jr, Robert S. Greenfield
List Price: $49.95
Publisher: Auerbach Pub (23 January, 2002)
Sales Rank: 76,359
Average Customer Rating: 4 out of 5
Customer Reviews
Rating: 3 out of 5
I was looking for a book that would teach me how to do things. I can find lots of information on the internet, but I wanted techniques collaborated in one book by a professional. What I found was a lot of legal background, and historical background. I am not starting a computer forensics firm, but I do want to be able to track down, if some sort of mishap occurs. This book provides low level information, like dissecting Netscape, and going through and showing you how to track someone's steps through Netscape Navigator. I wanted some more practical knowledge that I could use to fight spammers, or to show me how to deal with intrusions on my system. I was disappointed with this book, but I hope that you won't be.
Rating: 5 out of 5
Thorough and suitable for the experienced professional
This book is an excellent follow-on book to Computer Forensics: Incident Response Essentials by Kruse and Heiser, which introduces the fundamentals. This book goes much deeper and is more technical than the Kruse and Heiser, therefore the ideal audience is practicing professionals who have prior experience in forensics and a wide range of hardware, software and network knowledge.
Tools and techniques are presented in painstaking detail. I was unable to find a single gap or omission, which speaks highly of the editorial and review process behind this book's 464 pages. While most technical disciplines can dispense with finer details, the nature of forensics is to overlook nothing. If you find the step-by-step thoroughness boring, that is an indication that forensics may not be your forte; if you're an experienced professional you'll appreciate the coverage of every technique or use of tools.
While the discussion of tools and techniques will satisfy even the most experienced practitioner, I found the detailed discussion of legal aspects, HR considerations and overall security and incident response processes to be the book's strongest points. This area is what sets forensics experts apart from technicians, and it is here that the book (in my opinion) adds the most value. Procedures ranging from how to properly gather, preserve and control evidence, to legal considerations for designing processes are covered in clear language, as are US and international legal guidelines.
Parts that I especially like include: intrusion management and profiling, up-to-date information on electronic commerce legal issues, the numerous checklists and cited resources, and the clearly delineated process for dealing with incidents.
If you're new to forensics you will probably get more from this book by first reading Computer Forensics: Incident Response Essentials by Kruse and Heiser. If, however, you have previous computer forensics experience or are currently serving in that role this book is probably one of the best investments you can make.
· Computer Forensics: Incident Response Essentials
· Computer Forensics: Computer Crime Scene Investigation (With CD-ROM)
· Incident Response and Computer Forensics, Second Edition
· Digital Evidence and Computer Crime
· Handbook of Computer Crime Investigation: Forensic Tools & Technology