CITATION

Philipp, Aaron; Cowen, David; and Davis, Chris. Hacking Exposed Computer Forensics, Second Edition. US: McGraw-Hill Osborne Media, 2009.

Hacking Exposed Computer Forensics, Second Edition

Published: September 2009

eISBN: 9780071626781 0071626786 | ISBN: 9780071626774
  • Contents
  • Acknowledgments
  • Introduction
  • Part I: Preparing for an Incident
  • Case Study: Lab Preparations
  • Cashing Out
  • Preparing for a Forensics Operation
  • 1 The Forensics Process
  • Types of Investigations
  • The Role of the Investigator
  • Elements of a Good Process
  • Defining a Process
  • After the Investigation
  • 2 Computer Fundamentals
  • The Bottom-up View of a Computer
  • Types of Media
  • 3 Forensic Lab Environment Preparation
  • The Ultimate Computer Forensic Lab
  • Forensic Computers
  • Forensic Hardware and Software Tools
  • The Flyaway Kit
  • Case Management
  • Bonus: Linux or Windows?
  • Part II: Collecting the Evidence
  • Case Study: The Collections Agency
  • Preparations
  • Revelations
  • Collecting Evidence
  • 4 Forensically Sound Evidence Collection
  • Collecting Evidence from a Single System
  • Common Mistakes in Evidence Collection
  • 5 Remote Investigations and Collections
  • Privacy Issues
  • Remote Investigations
  • Remote Collections
  • Encrypted Volumes or Drives
  • USB Thumb Drives
  • Part III: Forensic Investigation Techniques
  • Case Study: Analyzing the Data
  • Digging for Clues
  • We're Not Done. Yet.
  • Finally
  • 6 Microsoft Windows Systems Analysis
  • Windows File Systems
  • Recovering Deleted Files
  • Windows Artifacts
  • 7 Linux Analysis
  • The Linux File System (ext2 and ext3)
  • Linux Analysis
  • 8 Macintosh Analysis
  • The Evolution of the Mac OS
  • Looking at a Mac Disk or Image
  • Deleted Files
  • A Closer Look at Macintosh Files
  • Mac as a Forensics Platform
  • 9 Defeating Anti-forensic Techniques
  • Obscurity Methods
  • Privacy Measures
  • 10 Enterprise Storage Analysis
  • The Enterprise Data Universe
  • Working with NAS Systems
  • Working with SAN Systems
  • Working with Tapes
  • Full-Text Indexing
  • Mail Servers
  • 11 E-mail Analysis
  • Finding E-mail Artifacts
  • Converting E-mail Formats
  • Obtaining Web-based E-mail (Webmail) from Online Sources
  • Client-based E-mail
  • Web-Based E-mail
  • Investigating E-mail Headers
  • 12 Tracking User Activity
  • Microsoft Office Forensics
  • Tracking Web Usage
  • Operating System User Logs
  • 13 Forensic Analysis of Mobile Devices
  • Collecting and Analyzing Mobile Device Evidence
  • Password-protected Windows Devices
  • Conclusion
  • Part IV: Presenting Your Findings
  • Case Study: Wrapping Up the Case
  • He Said, She Said…
  • 14 Documenting the Investigation
  • Read Me
  • Internal Report
  • Declaration
  • Affidavit
  • Expert Report
  • 15 The Justice System
  • The Criminal Court System
  • The Civil Justice System
  • Expert Status
  • Part V: Putting It All Together
  • Case Study: Now What?
  • Mr. Blink Becomes an Investigator
  • Time to Understand the Business Issues
  • 16 IP Theft
  • What Is IP Theft?
  • IP Theft Ramifications
  • Types of Theft
  • Tying It Together
  • 17 Employee Misconduct
  • What Is Employee Misconduct?
  • Ramifications
  • Types of Misconduct
  • Tying It Together
  • 18 Employee Fraud
  • What Is Employee Fraud?
  • Ramifications
  • Types of Employee Fraud
  • Tying It Together
  • 19 Corporate Fraud
  • What Is Corporate Fraud?
  • Ramifications
  • Types of Corporate Fraud
  • 20 Organized Cyber Crime
  • The Changing Landscape of Hacking
  • Types of Hacks and the Role of Computer Forensics
  • Money Laundering
  • 21 Consumer Fraud
  • What Is Consumer Fraud?
  • Ramifications
  • Types of Consumer Fraud
  • Tying It Together
  • A Searching Techniques
  • Regular Expressions
  • Index