List:       security-basics
Subject:    RE: Questions concerning computer forensics
From:       "Soontobeelsewhere" <troy () digitalwarroom ! com>
Date:       2003-06-26 17:16:48

"4.  I am currently reading Computer Forensics:  Incident Response
Essentials by Warren Kruse and Jay Heiser, are there any other books and/or
whitepapers that anyone can suggest?"

Warren is a good guy and his book is very good.

Here is a reading list that has been going around (and added to):

Hardware Section 
 
"Upgrading And Repairing PCs", by Scott Mueller, Que, ISBN: 0789725428 
 
"Troubleshooting, Maintaining & Repairing PCs", by Stephen Bigelow, 
McGraw-Hill, ISBN: 0072132728 
 
"PC Hardware in a Nutshell", by Robert Bruce Thompson, et al., O'Reilly & 
Associates, ISBN: 1565925998 
 
Microsoft Windows Section 
 
"Inside Microsoft Windows 2000, Third Edition" by Solomon and Russinovich, 
Microsoft Press, ISBN 0-7356-1021-5 
 
"Inside the Windows 95 File System" by Stan Mitchell,  O'Reilly and
Associates, ISBN 1-56592-200-X 
 
"Windows NT File System Internals: A Developer's Guide" by Rajeev Nagar,
O'Reilly and Associates, ISBN 1-56592-249-2 
 
"Undocumented Windows NT" by Prasad Dabak, et al., M&T Books, ISBN
0-7645-4569-8 
 
"Undocumented Windows 2000 Secrets: A Programmer's Cookbook", by Sven B.
Schreiber,  Addison-Wesley, ISBN 0-201-72187-2 
 
"Windows 2000 Kernel Debugging" by Stephen McDowell, Prentice Hall, ISBN:
0130406376. 
 
"Developing Windows NT Device Drivers: A Programmer's Handbook" by Dekker and
Newcomer, Addison-Wesley, ISBN: 0201695901. 
 
"Windows Admin Scripting Little Black Book" by Jesse M. Torres, Coriolis
Group, ISBN: 1576108813. 
 
"Windows NT/2000 Network Security" by E. Eugene Schultz, New Riders, ISBN:
1578702534. 
 
"Microsoft Windows NT Technical Support Training" by Microsoft Press, ISBN:
1572313730. 
 
UNIX Section 
 
"Essential System Administration" by Aeleen Frisch, O'Reilly & Associates,
ISBN: 1565921275. 
 
"UNIX System Administration Handbook, Third Edition" by Evi Nemeth, et al.,
Prentice Hall, ISBN: 0130206016. 
 
"Unix Power Tools Second Edition", by Jerry Peek, et al., O'Reilly &
Associates, ISBN: 1565922603. 
 
"Using csh and tcsh", by Paul DuBois,  O'Reilly & Associates, ISBN:
1565921321 
 
A book on the Bourne shell (sh), the Korn shell (ksh), and the Bourne Again
shell (bash). 
 
Programming Languages Section 
 
"The C Programming Language" by Kernighan and Ritchie,  Prentice Hall, ISBN 
0-13-110362-8 
 
"Programming Perl, Second Edition" by Larry Wall, et al., O'Reilly and
Associates, ISBN 1-56592-149-6 
 
"Perl Cookbook" by Christiansen and Torkington,  O'Reilly and Associates,
ISBN 1-56592-243-3 
 
"Mastering Regular Expressions" by Jeffrey Friedl,  O'Reilly and Associates,
ISBN 1-56592-257-3 
 
A C++ book 
 
A Visual Basic book 
 
Networking Section 
 
"TCP/IP Illustrated, Volume 1: The Protocols" by W. Richard Stevens,
Addison-Wesley, ISBN 0-201-63346-9 
 
"Steal This Computer Book" by Wallace Wang, No Starch Press, ISBN:
1886411425. 
 
"Network Intrusion Detection: An Analyst's Handbook, Second Edition" by
Stephen Northcutt, et al., New Riders, ISBN 0735710082. 
 
"Sendmail, Second Edition", by Bryan Costales, O'Reilly and Associates, ISBN
1-56592-222-0 
 
"DNS and BIND, Fourth Edition", by Albitz and Liu, O'Reilly and Associates,
ISBN 0596001584. 
 
"The Whole Internet: The Next Generation", by Conner-Sax and Krol, O'Reilly
and Associates, ISBN 1-56592-428-2 
 
"Practical UNIX & Internet Security", by Garfinkel and Spafford, O'Reilly
and Associates, ISBN 1-56592-148-8 
 
A NetBIOS book 
 
Computer Forensics Section 
 
"Computer Forensics: Incident Response Essentials" by Kruse and Heiser,
Addison-Wesley ISBN: 0201707195 
 
"Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the
Blackhat Community" edited by Lance Spitzner, Addison-Wesley ISBN:
0201746131. 
 
"Handbook of Computer Crime Investigation: Forensic Tools & Technology" by
Eoghan Casey, Academic Press ISBN: 0121631036. 
 
"Digital Evidence and Computer Crime" by Eoghan Casey, Academic Press, ISBN:
012162885X. 
 
"Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving
Evidence of Computer Crimes" by Marcella and Greenfield, Auerbach 
Publications, ISBN: 0849309557. 
 
"Computer Forensics: Computer Crime Scene Investigation" by John R. Vacca,
Charles River Media, ISBN: 1584500182. 
 
"Computer Forensics and Privacy" by Michael Caloyannides, Artech House,
ISBN: 1580532837. 
 
"Incident Response: Investigating Computer Crime" by Chris Prosise, Kevin
Mandia, McGraw-Hill, ISBN: 0072131829. 
 
"Forensic Computing: A Practitioner's Guide" by Tony Sammes, et al.,
Springer Verlag, ISBN: 1852332999. 
 
"Information Assurance: Surviving the Information Environment" by Blyth and
Kovacich, Springer Verlag, ISBN: 185233326X. 
 
Forensics Section 
 
"Criminalistics: An Introduction to Forensic Science" by Richard Saferstein,
Prentice Hall, ISBN: 0130138274. 
 
"Techniques of Crime Scene Investigation" by Barry Fisher, CRC Press; ISBN:
0849381193. 
 
"Criminal Investigation" by Charles Swanson, et al., McGraw-Hill Higher
Education; ISBN: 007228594X. 
 
 
-----Original Message-----
From: Joe Lindsay [mailto:josephlindsay11182@hotmail.com]
Sent: Tuesday, June 24, 2003 7:39 PM
To: security-basics@securityfocus.com
Subject: Questions concerning computer forensics


I am currently a senior in college and I am looking to go into computer 
forensics.  Right now I am currently teaching myself some of the techniques 
used in doing Win2k and some *nix investigation.  I am a computer science 
and information systems major.  I just have some questions about computer 
forensics in general.

1.  How closely related are computer forensics and security?

2.  I have done palm programming, and I read an article about palms being 
used to prosecute.  Is there a growing need for palm forensics?

3.  I have some tools, but they are from sourceforge.  Are there any 
freeware or trialware available for Win2k machine (sadly been unable to get 
linux installed, tried many different distros :-<)?



5.  Is there a growing need for computer forensics in the work place?  Does 
the security analyst or consultant double up as computer forensic analyst or
security investigator?

Thank you for your time,

Joe Lindsay
