As IT and law enforcement professionals battle an epidemic of computer crime, computer forensics—the art and science of acquiring and analyzing digital evidence, reconstructing data and attacks, and identifying perpetrators—becomes even more crucial.
Two widely respected professionals provide a thorough and practical overview of the topic of Forensic Discovery.
This book introduces a potent method that can frequently recover evidence thought to be lost forever and covers both the theory and practical application of computer forensics.
The writers discuss everything from file systems, to memory and kernel hacks, to viruses, drawing on their significant first-hand knowledge. They debunk a wide range of myths about computer forensics that frequently get in the way of success. The book includes detailed examples from Solaris, FreeBSD, Linux, and Microsoft Windows, along with step-by-step instructions for creating one's own forensic tools.
The authors of this book are exceptionally qualified: they personally developed some of the most well-known security tools ever built, such as the renowned SATAN network scanner and the potent Coroner's Toolkit for analyzing UNIX break-ins.