Computer Forensics: Incident Response Essentials und über 1 Million weitere Bücher verfügbar für Amazon Kindle . Erfahren Sie mehr


oder
Loggen Sie sich ein, um 1-Click® einzuschalten.
Alle Angebote
Möchten Sie verkaufen? Hier verkaufen
Computer Forensics: Incident Response Essentials
 
 
Für Kunden: Stellen Sie Ihre eigenen Bilder ein.
Hier reinlesen und suchen
Beginnen Sie mit dem Lesen von Computer Forensics: Incident Response Essentials auf Ihrem Kindle in weniger als einer Minute.

Sie haben keinen Kindle? Hier kaufen oder eine gratis Kindle Lese-App herunterladen.

Computer Forensics: Incident Response Essentials [Englisch] [Taschenbuch]

Warren G. Kruse (Autor), Jay Heiser (Autor)
Preis: EUR 44,99 kostenlose Lieferung. Siehe Details.
  Alle Preisangaben inkl. MwSt.
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Auf Lager. Zustellung kann bis zu 2 zusätzliche Tage in Anspruch nehmen.
Verkauf und Versand durch Amazon.de. Geschenkverpackung verfügbar.
Nur noch 2 Stück auf Lager - jetzt bestellen.

Weitere Ausgaben

 Amazon-Preis Neu ab Gebraucht ab
Kindle Edition EUR 27,15   -- --
Taschenbuch EUR 44,99   -- --

Produktinformation

Mehr über den Autor

Warren G. Kruse
Entdecken Sie Bücher, lesen Sie über Autoren und mehr

Besuchen Sie die Seite von Warren G. Kruse auf Amazon

Produktbeschreibungen

Amazon.co.uk

Computer security is a crucial aspect of modern information management, and one of the latest buzz words is "incident response"--detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did and hopefully find out who they are.

There is little doubt that the authors are serious about cyber investigation. They advise companies to "treat every case like it will end up in court" and although this sounds extreme, it is good advice. Upon detecting a malicious attack on a system, many system administrators react instinctively. This often involves fixing the problem with minimal downtime, then providing the necessary incremental security to protect against an identical attack. The authors warn that this approach often contaminates evidence and makes it difficult to track the perpetrator. This book describes how to maximise system up-time while protecting the integrity of the "crime scene".

The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a "white hat" hacker in order to combat the criminal "black hat" hackers. The message is clear: if you're not smart enough to break into someone else's system, you're probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise of UNIX/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and for probing your own systems.

The authors explain their investigative techniques via a number of real-world anecdotes. It is striking that many of the same hacks detailed in Cliff Stoll's classic The Cuckoo's Egg are still in use over 10 years later--both on the criminal and investigative fronts. It is up to individual companies whether or not to pursue each attempted security violation as a potential criminal case, but Computer Forensics provides a strong argument to consider doing so. --Pete Ostenson

Amazon.com

Computer security is a crucial aspect of modern information management, and one of the latest buzzwords is incident response--detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did, and hopefully find out who they are.

There is little doubt that the authors are serious about cyberinvestigation. They advise companies to "treat every case like it will end up in court," and although this sounds extreme, it is good advice. Upon detecting a malicious attack on a system, many system administrators react instinctively. This often involves fixing the problem with minimal downtime, then providing the necessary incremental security to protect against an identical attack. The authors warn that this approach often contaminates evidence and makes it difficult to track the perpetrator. This book describes how to maximize system uptime while protecting the integrity of the "crime scene."

The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a "white hat" hacker in order to combat the criminal "black hat" hackers. The message is clear: if you're not smart enough to break into someone else's system, you're probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise in Unix/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and to probe your own systems.

The authors explain their investigative techniques via a number of real-world anecdotes. It is striking that many of the same hacks detailed in Cliff Stoll's classic The Cuckoo's Egg are still in use over 10 years later--both on the criminal and investigative fronts. It is up to individual companies whether or not to pursue each attempted security violation as a potential criminal case, but Computer Forensics provides a strong argument to consider doing so. --Pete Ostenson

Topics covered: Overview of computer crime investigative response, including extensive descriptions of hacking techniques. Frequent examples are used to demonstrate how to extract evidence from a violated computer system. Appendices include sample incident-response forms.

Alle Produktbeschreibungen
In diesem Buch (Mehr dazu)
Ausgewählte Seiten ansehen
Buchdeckel | Copyright | Inhaltsverzeichnis | Auszug | Stichwortverzeichnis
Hier reinlesen und suchen:

Tags

 (Was ist das?)
Bei einem Tag handelt es sich um ein Schlagwort, das zum Produkt passt.
Tags erleichtern allen Kunden die Suche und die Sortierung ihrer Lieblingsprodukte.
 
Beliebteste Tags anzeigen

Kundenrezensionen

Es gibt noch keine Kundenrezensionen auf Amazon.de
5 Sterne
4 Sterne
3 Sterne
2 Sterne
1 Sterne
Die hilfreichsten Kundenrezensionen auf Amazon.com (beta)
Amazon.com:  22 Rezensionen
56 von 61 Kunden fanden die folgende Rezension hilfreich
Suitable for newbie incident responders or non-IT staff 9. Oktober 2001
Von Richard Bejtlich - Veröffentlicht auf Amazon.com
Format:Taschenbuch
I am a senior engineer for network security operations. I read "Computer Forensics: Incident Response Essentials" (CFIRE) because I am responsible for performing intrusion detection and incident response on a daily basis. Those with similar skills will probably consider CFIRE too basic. Those working outside the information technology world may find CFIRE enlightening.

I'm a graduate of the SANS System Forensics, Investigation, and Response course and have read "Incident Response: Investigating Computer Crime" (IRICC) by Mandia, Prosise, and Pepe. In my opinion, CFIRE does not offer any new or truly significant material. For example, chapter 2 ("Tracking an Offender") offers several pages on how to find the headers in Outlook messages. Elsewhere, one discovers very elementary information on UNIX commands, searching Windows hard drives, and understanding UNIX file systems. All of this appears in other books or is common knowledge for IT staff.

I was disappointed that the impressive reviewer list did not detect several errors. As a fairly young network engineer, I still recognized this mistake on page 32: "When you dial to an ISP with a modem, you might use a layer 3 protocol called Point to Point Protocol (PPP). Referring back to Figure 2-1, layer 3 is the network layer, and in the case of a dial-up connection, PPP replaces IP." Untrue -- PPP is actually a layer 2 protocol; IP is used above PPP. Furthermore, figure 2-1 on page 24 presents numerous problems: NetBEUI spans layers 3 to 5 (not 3 to 4), web browsers and email clients do not belong at layer 7 (they are applications which call layer 7 protocols), and so on. Also, page 121 claims "you cannot delete an alternate stream from the command line." However, page 193 of "Hacking Exposed: Windows 2000" demonstrates how to remove streams.

On the positive side, CFIRE will probably not scare non-IT staff. They will probably find the numerous tables, screen shots, and references useful. This book could be viewed as a gentle introduction to the incident response and forensics field, especially for the Microsoft Windows crowd.

Two types of staff wear "computer forensics" hats. The first type investigate misuse of computers, typically by authorized personnel. This group is happy to know how to image a drive and search the copy for signs of illicit images or software. The second type investigates compromises, where unknown (usually remote) parties have penetrated a network and used machines for their own purposes. This group will be unsatisfied when CFIRE states on page 132 "we don't anticipate that most readers of this book will become this specialized." If you need that deep level of knowledge, read "Incident Response: Investigating Computer Crime."

(Disclaimer: The publisher provided a free review copy.)
27 von 28 Kunden fanden die folgende Rezension hilfreich
Excellent introduction to the basics 13. April 2002
Von Mike Tarrani - Veröffentlicht auf Amazon.com
Format:Taschenbuch
The authors, both of whom have impeccable credentials, have managed to distill a complex subject into a book that can be understood by anyone with intermediate-level computer skills. More importantly, computer forensics is a relatively new sub discipline of IT security, making this book important in that there are few books on the topic.

I'll start with the beginning and end of the book, each of which are focused on legal aspects of forensics. The book begins by explaining what forensics is, and giving a three-step process that covers the essentials at a high level: (1) acquire evidence, (2) authenticate it, and (3) analyze it. Although this process is presented at a high level, important details, such as the importance of establishing and maintaining a chain of custody, how to collect and document evidence and key issues to consider when presenting the evidence in court are covered. This discussion is picked up again in Chapter 12, Introduction to the Criminal Justice System, in which applicable laws, advice on dealing with law enforcement agencies, and the distinction between criminal and civil cases are discussed. There is sufficient detail and pointers to put sources of information to arm you with the bare essentials.

Between the opening chapter and Chapter 12 described above are chapters devoted to basic techniques and procedures for tracing email, specific operating system issues (the book deals with UNIX and Windows), encryption, codes and compression and other common challenges an investigator will face. The material is not overly technical, and is presented in easy-to-understand prose. Anyone who works as a network or system administrator, provides desktop support, or is an advanced end user will have no problems following the techniques that are presented or the underlying technical details. If you're seeking an advanced text this book will probably disappoint you, although there is sure to be some new trick or fact that you'll learn. For example, I have over 25 years of IT experience and was fascinated by the discussion of steganography (an information hiding technique). There were other chapters that I quickly skimmed because I was well-versed in the subject matter.

What I like about the book is the easy approach, which makes it easy to develop the fundamental skills necessary to perform forensics. The few other papers and books on the subject are far more advanced and the learning curve is a barrier. This book will give the new security investigator a foothold in the topic upon which he or she can build. I especially liked the appendices, which provide an excellent framework for incident response. One of the best features is the detailed roles and responsibilities, which are well thought out and reinforce the axiom that security is everyone's business. Another outstanding feature is the flowcharts for various incident types, such as denial of service, hostile code, etc. These can be used verbatim in a security policies and procedures manual, as can the incident response form provided in Appendix B. I also liked the valuable URLs provided throughout the book. I knew of many, but was surprised to find invaluable resources that I didn't know about.

Even though much of this book presented information I already knew, I still enjoyed reading it because I picked up facts that I didn't previously know, and was reminded of legal aspects of forensics and security that I'd forgotten. The appendices alone make this worthwhile to even advanced readers, and the fact that it provides an entry point into forensics for new practitioners makes this book invaluable as a training tool and vehicle for professional growth.

18 von 18 Kunden fanden die folgende Rezension hilfreich
A Much Needed Primer 26. November 2001
Von James Sibley - Veröffentlicht auf Amazon.com
Format:Taschenbuch
As a high technology crimes prosecutor in Silicon Valley, this book is just what I've been waiting for. While not an exhaustive treatise on the minutia of computer systems and forensic tools, the authors provide a comprehensive overview of investigative approaches, tools, and techniques desperately needed in the field. This book should be a must read for investigators (public and private), attorneys, and system administrators, as well as corporate management responsible for overseeing either personnel, or the security of network infrastructure and information assets. Both an excellent primer on the developing field of computer forensics and a good resource from which to launch more in depth research into a specific area in the field. While many of the previous works in this field proved to be either uninformative cursory overviews or mind numbing forays into the depths of the arcane, the authors have struck a good balance that makes for an enjoyable and informative read. Not the end all, be all of computer crime investigation, but a damn fine starting point.

Kunden diskutieren

Das Forum zu diesem Produkt
Diskussion Antworten Jüngster Beitrag
Noch keine Diskussionen

Fragen stellen, Meinungen austauschen, Einblicke gewinnen
Neue Diskussion starten
Thema:
Erster Beitrag:
Eingabe des Log-ins
 


Aktive Diskussionen in ähnlichen Foren
Kundendiskussionen durchsuchen
Alle Amazon-Diskussionen durchsuchen
   
Ähnliche Foren

Lieblingslisten

Legen Sie Ihre eigene Lieblingsliste an

Ähnliche Artikel finden

Anhand des Sachgebietes nach ähnlichen Produkten suchen:






























Das bedeutet, jeder Titel/Artikel muss zu Sachgebiet 1 UND zu Sachgebiet 2 UND... gehören.

Ihr Kommentar

Möchten Sie die Produktinformationen aktualisieren oder Feedback zu den Produktabbildungen geben?

Datenschutzerklärung von Amazon.de Versandbedingungen von Amazon.de Umtausch- & Rücknahme bei Amazon.de