Windows Forensics-The Field Guide For Corporate Computer Investigations
An arcane pursuit a decade ago, forensic science today is a household term. And while the computer forensic analyst may not lead as exciting a life as TV's CSIs do, he or she relies just as heavily on scientific principles and just as surely solves crime.
Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals.
Computer forensics applies the same scientific principles as other forensics fields to the identification, acquisition, and analysis of digital evidence. With the advent of the Internet, both network and system forensics are becoming increasingly interrelated. The digital evidence sought by an analyst might reside on any number of devices, including personal digital assistants (PDAs), USB pen drives, digital cameras, and cell phones. Additionally, all modern operating systems are network capable, and it is rare to find standalone PCs with no external connections, providing further evidence on routers, servers, firewalls, and proxys. The field of computer forensics encompasses both system forensics and network forensics, and an understanding of both is required to conduct a thorough investigation.
TABLE OF CONTENT:
Chapter 01 - Windows Forensics
Chapter 02 - Processing the Digital Crime Scene
Chapter 03 - Windows Forensics Basics
Chapter 04 - Partitions and File Systems
Chapter 05 - Directory Structure and Special Files
Chapter 06 - The Registry
Chapter 07 - Forensic Analysis
Chapter 08 - Live System Analysis
Chapter 09 - Forensic Duplication
Chapter 10 - File System Analysis
Chapter 11 - Log File Analysis
Chapter 12 - Internet Usage Analysis
Chapter 13 - Email Investigations
Appendix A - Sample Chain of Custody Form
Appendix B - Master Boot Record Layout
Appendix C - Partition Types
Appendix D - FAT32 Boot Sector Layout
Appendix E - NTFS Boot Sector Layout
Appendix F - NTFS Metafiles
Appendix G - Well-Known SIDs
Download from Rapidshare
or
Download from Mihd
Password:ganelon
Random Posts
- IT Project Management: On Track from Start to Finish, Second Edition
- Herb Schildt’s C++ Programming Cookbook
- Worst Practices in Business Intelligence: Why BI Applications Succeed Where BI Tools Fail
- Professional Live Communications Server
- Ajax and Rest Recipes - A problem Solution Approach
- No Bull Investing - Dearborn Trade Publishing
- iPhone Open Application Development
- How to Cheat at Securing a Wireless Network July 2006 - Syngress Press
- Rich Dad, Poor Dad: What the Rich Teach Their Kids About Money-That the Poor and Middle Class Do Not!
- Essential Windows Communication Foundation (WCF): For .NET Framework 3.5
December 15th, 2007 17:11
password wrong
December 15th, 2007 19:00
Alright, something went wrong with upload process to Mihd. Because of that, it seams that password is not correct for that upload but working fine for Rapidshare, although we are talking about exactly the same file, only uploaded twice, on different file-hosters. That's why, use only Rapidshare link for this topic.
December 18th, 2007 15:23
wrong password