Computer Forensics: Computer Crime Scene Investigation (Networking Series) (Paperback)

Amazon.com Review

The mightiest fortresses in the world can fail, and when that happens all you can do (you being the person responsible for castle security) is figure out what went wrong, what damage was done, and by whom. If the castle was located in the right kind of kingdom–to take a metaphor too far–you can hope to prosecute the perpetrator. Computer Forensics: Computer Crime Scene Investigation explains how to gather evidence of computer crimes in such a way that it will be more likely to lead to a conviction in a criminal court. It’s an interesting legal area–after all, it’s almost always you, and not any law enforcement agency doing the surveillance and evidence-gathering on your computer systems–and John Vacca has done a fair bit of research. This book will probably expand your thinking on the subject of information security.

On the other hand, though Vacca gives good general advice (don’t lose volatile information by shutting a compromised machine down midattack; do be prepared to translate memory dumps into jury-readable form), he sometimes meanders into generalizations and irrelevancies. The fact that terrorists distribute their plans via public Web sites is certainly scary, but hardly helpful to someone wanting to prosecute the guy who vandalized the corporate Web site. Similarly interesting, but practically irrelevant to most of us, are discussions of high-energy radio frequency (HERF) and electromagnetic pulse (EMP) weapons that can knock out information systems from a distance. More focus on evidence collection in organizational computing environments would make this book useful, rather than just generally informative. –David Wall

Topics covered: How to gather evidence of a hack attack after the fact, and a lot of general-interest information on the state of crime and law enforcement in computer technology. Coverage is almost all general in nature, dealing with how to formulate a strategy and deal with events without getting into details of any operating system or computing environment.
–This text refers to an out of print or unavailable edition of this title.


Product Description

The Most Comprehensive, Up-to-Date, Reference on Computer Forensics! Using personal computers as their weapons, hackers and criminals (some only 11 years old) have attacked the Internet, government agencies, financial companies, small businesses, and the credit card accounts of unsuspecting individuals. This completely updated book/CD package provides a complete overview of computer forensics from information security issues to “crime scene investigation,” seizure of data, determining the “fingerprints” of the crime, and tracking down the criminals. The book?s companion CD-ROM contains demos of the latest computer forensics software. Numerous exercises, case studies, and vignettes of actual crimes enhance the topics under discussion, and provide the reader with solutions to computer crime in the real world.

KEY FEATURES ? Comprehensive overview of the subject from information security issues to data recovery techniques to auditing methods to terrorist cyber-attacks ? Includes Evidence Identifi cation and Checklist forms, hands-on projects, exercises, and case studies for each chapter ? CD includes tools, presentations, and demos of the latest computer forensics software ? Selected topics include: Computer Forensics Fundamentals; Data Recovery; Evidence Collection and Data Seizure; Computer Image Verifi cation; Duplication and Preservation of Digital Evidence; Electronic Evidence Reconstructing Past Events; Deterrence through Attacker ID; Destruction of e-mail; Networks; Protection against Random Terrorist Information Warfare Tactics; The Cyber Foot Print and Criminal Tracking; The Individual Exposed; Advanced Encryption & Hacking; Case Studies and Vignettes; Evidence Checklists and Forms

On the CD-ROM (See Appendix G for Details) Includes a collection of forensic tools, demonstrations, docs, product presentations, and figures from the book. Topics and demos include: analysis tools, data recovery, forensic examination checklists, instant messenger issues, litigation, forensic training and certification information, case profiles, and more

SYSTEM REQUIREMENTS The third party software contained on the CD-ROM runs on a variety of platforms and operating systems. Please consult Appendix G for more details, and especially Web site information for specific requirements, updates, etc. Minimum system requirements for all of these software products include Adobe Acrobat 5.0 or higher, Windows 2000, XP; an Internet connection; some also require basic hardware such as Firewire, USB Devices, Zip, Jaz, Floppy Diskettes, or hard disk drives (IDE, EIDE, SCSI, ATA, SATA).

See all Editorial Reviews