
Hacking Exposed Computer Forensics, Second Edition: Computer Forensics Secrets & Solutions

Scribed by Aaron Philipp, David Cowen, Chris Davis


Publisher: McGraw-Hill Osborne Media
Year: 2009
Tongue: English
Leaves: 521
Edition: 2
Category: Library


Synopsis


I use this text as the required text for a course I teach on Computer Forensics. Overall, it is an excellent introductory text. Students say that it is easy to read, which is exactly what I want in a textbook. However, I do not use it exclusively for lecture material. I pull my lecture material from a variety of texts, such as Real Digital Forensics, Incident Response (2nd edition), File System Forensic Analysis, and the other Hacking Exposed Textbooks.

The second edition is a welcome improvement. I really like the new section (Part V) where it discusses the practical cases, and what types of forensic techniques you would use for each type of case.

I create all of my own lectures and labs for the classroom. I assign this text to students to fill in the gaps of the lectures.

Table of Contents


Contents
Acknowledgments
Introduction
Part I: Preparing for an Incident
Preparing for a Forensics Operation
1 The Forensics Process
Types of Investigations
The Role of the Investigator
Elements of a Good Process
Defining a Process
After the Investigation
2 Computer Fundamentals
The Bottom-up View of a Computer
Types of Media
3 Forensic Lab Environment Preparation
The Ultimate Computer Forensic Lab
Forensic Computers
Forensic Hardware and Software Tools
The Flyaway Kit
Case Management
Bonus: Linux or Windows?
Part II: Collecting the Evidence
Collecting Evidence
4 Forensically Sound Evidence Collection
Collecting Evidence from a Single System
Common Mistakes in Evidence Collection
5 Remote Investigations and Collections
Privacy Issues
Remote Investigations
Remote Collections
Encrypted Volumes or Drives
USB Thumb Drives
Part III: Forensic Investigation Techniques
We're Not Done. Yet.
Finally
6 Microsoft Windows Systems Analysis
Windows File Systems
Recovering Deleted Files
Windows Artifacts
7 Linux Analysis
The Linux File System (ext2 and ext3)
Linux Analysis
8 Macintosh Analysis
The Evolution of the Mac OS
Looking at a Mac Disk or Image
Deleted Files
A Closer Look at Macintosh Files
Mac as a Forensics Platform
9 Defeating Anti-forensic Techniques
Obscurity Methods
Privacy Measures
10 Enterprise Storage Analysis
The Enterprise Data Universe
Working with NAS Systems
Working with SAN Systems
Working with Tapes
Full-Text Indexing
Mail Servers
11 E-mail Analysis
Finding E-mail Artifacts
Obtaining Web-based E-mail (Webmail) from Online Sources
Client-based E-mail
Web-Based E-mail
Investigating E-mail Headers
12 Tracking User Activity
Microsoft Office Forensics
Tracking Web Usage
Operating System User Logs
13 Forensic Analysis of Mobile Devices
Collecting and Analyzing Mobile Device Evidence
Password-protected Windows Devices
Conclusion
Part IV: Presenting Your Findings
He Said, She Said…
14 Documenting the Investigation
Read Me
Internal Report
Declaration
Affidavit
Expert Report
15 The Justice System
The Criminal Court System
The Civil Justice System
Expert Status
Part V: Putting It All Together
Time to Understand the Business Issues
16 IP Theft
What Is IP Theft?
IP Theft Ramifications
Types of Theft
Tying It Together
17 Employee Misconduct
What Is Employee Misconduct?
Ramifications
Types of Misconduct
Tying It Together
18 Employee Fraud
What Is Employee Fraud?
Ramifications
Types of Employee Fraud
Tying It Together
19 Corporate Fraud
Ramifications
Types of Corporate Fraud
20 Organized Cyber Crime
The Changing Landscape of Hacking
Types of Hacks and the Role of Computer Forensics
Money Laundering
21 Consumer Fraud
Ramifications
Types of Consumer Fraud
Tying It Together
A Searching Techniques
Regular Expressions

