Hacking Exposed Computer Forensics

Date: November 22, 2004
Format: Paperback, 480 pages
ISBN: 0072256753 / 9780072256758
Edition Number: 1
Language: English
Audience: Professional and scholarly
Imprint: McGraw-Hill Osborne Media
Series: Hacking Exposed
Publisher: McGraw-Hill
Country: United States
Copyright: 2005
Dimensions: 7.2 in Width x 0.98 in Thick
Weight: 2.965 lb

Your Price

$49.99



Overview

Investigate computer crime, corporate malfeasance, and hacker break-ins quickly and effectively with help from this practical and comprehensive resource. You’ll get expert information on crucial procedures to successfully prosecute violators while avoiding the pitfalls of illicit searches, privacy violations, and illegally obtained evidence. It’s all here--from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits. Plus, you’ll get in-depth coverage of the latest PDA and cell phone investigation techniques and real-world case studies.

Table of contents

Part I: Preparing for an Incident
Chapter 1: The Forensics Process
Chapter 2: Computer Fundamentals
Chapter 3: Forensic Lab Environment Preparation
Part II: Collecting the Evidence
Chapter 4: Forensically Sound Evidence Collection
Chapter 5: Remote Investigations and Collections
Part III: Forensic Investigation Techniques
Chapter 6: Microsoft Windows Systems Analysis
Chapter 7: Linux Analysis
Chapter 8: Macintosh Analysis
Chapter 9: Defeating Anti-Forensic Techniques
Chapter 10: Enterprise Storage Analysis
Chapter 11: E-mail Analysis
Chapter 12: Tracking User Activity
Chapter 13: Cell Phone and PDA Analysis
Part IV: Presenting Your Findings
Chapter 14: Documenting the Investigation
Chapter 15: The Justice System
Part V: Appendixes
Appendix A: Forensic Forms and Checklists
Appendix B: Understanding Legal Concerns
Appendix C: The Digital Evidence Legal Process
Appendix D: Searching Techniques
Appendix E: The Investigator’s Toolkit
Glossary

Back cover copy

Learn the secrets and strategies for investigating computer crime
Investigate computer crime, corporate malfeasance, and hacker break-ins quickly and effectively with help from this practical and comprehensive resource. You’ll get expert information on crucial procedures to prosecute violators successfully while avoiding the pitfalls of illicit searches, privacy violations, and illegally obtained evidence. It’s all here--from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits. Plus, you’ll get in-depth coverage of the latest PDA and cell phone investigation techniques and real-world case studies.
Digital sleuthing techniques that will withstand judicial scrutiny
Inside, you’ll learn to:

Plan and prepare for all stages of an investigation using the proven Hacking Exposed methodology
Work with and store evidence in a properly configured forensic lab
Deploy an effective case management strategy to collect material, document findings, and archive results
Covertly investigate, triage, and work with remote data across the network
Recover partitions, INFO records, and deleted, wiped, and hidden files
Acquire, authenticate, and analyze evidence from Windows, UNIX, and Macintosh systems using the latest hardware and software tools
Use forensic tools to uncover obscured code, file mismatches, and invalid signatures
Extract client and Web-based email artifacts using Email Examiner, EnCase, Forensic Toolkit, and open source tools
Handle enterprise storage like RAIDs, SANs, NAS, and tape backup libraries
Recover vital data from handheld devices such as PDAs and cell phones

About the Authors: Chris Davis, CISSP, is a Computer Forensics Examiner for Texas Instruments. He has trained and presented at Black Hat, ISSA, CISA, ConSecWest, McCombs School of Business, PlanetPDA, and 3GSM World Congress.
Aaron Philipp, CISSP, is the co-founder of Affect Consulting. He has taught classes at Black Hat, McCombs School of Business - UT Austin, and various military organizations.
Dave Cowen, CISSP, Senior Consultant at Fios, has extensive experience in security research, application security testing, penetration testing, and computer forensic analysis. He is an expert witness and a regular speaker on computer forensics.

