Computer Forensics: Incident Response Essentials

click here for more details, find new or used items

Warren G. Kruse, Jay G. Heiser

Our price £29.44 (£30.99)

New from £16.33

Used from £10.77

Pages: 416 (Paperback)

ISBN: 0201707195

Pub: Addison Wesley

Pub date: 2001-10-08

Amazon.co.uk Sales Rank: 131736

Editorial Review:

Computer security is a crucial aspect of modern information management, and one of the latest buzz words is "incident response"--detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did and hopefully find out who they are.
There is little doubt that the authors are serious about cyber investigation. They advise companies to "treat every case like it will end up in court" and although this sounds extreme, it is good advice. Upon detecting a malicious attack on a system, many system administrators react instinctively. This often involves fixing the problem with minimal downtime, then providing the necessary incremental security to protect against an identical attack. The authors warn that this approach often contaminates evidence and makes it difficult to track the perpetrator. This book describes how to maximise system up-time while protecting the integrity of the "crime scene".
The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a "white hat" hacker in order to combat the criminal "black hat" hackers. The message is clear: if you're not smart enough to break into someone else's system, you're probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise of UNIX/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and for probing your own systems.

The authors explain their investigative techniques via a number of real-world anecdotes. It is striking that many of the same hacks detailed in Cliff Stoll's classic The Cuckoo's Egg are still in use over 10 years later--both on the criminal and investigative fronts. It is up to individual companies whether or not to pursue each attempted security violation as a potential criminal case, but Computer Forensics provides a strong argument to consider doing so. --Pete Ostenson

Reader Reviews:

An excellent introduction to this interesting subject (5/5 people found this helpful)

As an IT Developer I am aware of vulnerabilities of today's computer systems in terms of both security and data recovery, or so I thought!. This book has opened my eyes as to how much I didn't know about the subject. This is an easy informative book to read and having almost finished it in a week, I hope my next purchase on the subject teaches me as much as this did.

A sound and easy-to-read text on computer forensics. (8/8 people found this helpful)

This book makes an excellent introductory text to computer forensics. It should be considered as initial reading by any person keen to learn about this subject. Well-written, well laid out and easy to read by the layman. Good use is made of screen prints to illustrate points. A very worthwhile buy!

Similar Products

File System Forensic Analysis

Computer Forensics JumpStart^TM (Jumpstart (Sybex))

Real Digital Forensics: Computer Security and Incident Response

Windows Forensics and Incident Recovery

Incident Response Second Edition: Computer Forensics