Hacking Exposed Computer Forensics, Second Edition
CITATION
Philipp, Aaron; Cowen, David; and Davis, Chris. Hacking Exposed Computer Forensics, Second Edition. US: McGraw-Hill Osborne Media, 2009.
Hacking Exposed Computer Forensics, Second Edition
Authors: Aaron Philipp, David Cowen and Chris Davis
Published: September 2009
eISBN: 9780071626781 0071626786 | ISBN: 9780071626774
Table of Contents
Contents
Acknowledgments
Introduction
Part I: Preparing for an Incident
Case Study: Lab Preparations
Cashing Out
Preparing for a Forensics Operation
1 The Forensics Process
Types of Investigations
The Role of the Investigator
Elements of a Good Process
Defining a Process
After the Investigation
2 Computer Fundamentals
The Bottom-up View of a Computer
Types of Media
3 Forensic Lab Environment Preparation
The Ultimate Computer Forensic Lab
Forensic Computers
Forensic Hardware and Software Tools
The Flyaway Kit
Case Management
Bonus: Linux or Windows?
Part II: Collecting the Evidence
Case Study: The Collections Agency
Preparations
Revelations
Collecting Evidence
4 Forensically Sound Evidence Collection
Collecting Evidence from a Single System
Common Mistakes in Evidence Collection
5 Remote Investigations and Collections
Privacy Issues
Remote Investigations
Remote Collections
Encrypted Volumes or Drives
USB Thumb Drives
Part III: Forensic Investigation Techniques
Case Study: Analyzing the Data
Digging for Clues
We're Not Done. Yet.
Finally
6 Microsoft Windows Systems Analysis
Windows File Systems
Recovering Deleted Files
Windows Artifacts
7 Linux Analysis
The Linux File System (ext2 and ext3)
Linux Analysis
8 Macintosh Analysis
The Evolution of the Mac OS
Looking at a Mac Disk or Image
Deleted Files
A Closer Look at Macintosh Files
Mac as a Forensics Platform
9 Defeating Anti-forensic Techniques
Obscurity Methods
Privacy Measures
10 Enterprise Storage Analysis
The Enterprise Data Universe
Working with NAS Systems
Working with SAN Systems
Working with Tapes
Full-Text Indexing
Mail Servers
11 E-mail Analysis
Finding E-mail Artifacts
Converting E-mail Formats
Obtaining Web-based E-mail (Webmail) from Online Sources
Client-based E-mail
Web-Based E-mail
Investigating E-mail Headers
12 Tracking User Activity
Microsoft Office Forensics
Tracking Web Usage
Operating System User Logs
13 Forensic Analysis of Mobile Devices
Collecting and Analyzing Mobile Device Evidence
Password-protected Windows Devices
Conclusion
Part IV: Presenting Your Findings
Case Study: Wrapping Up the Case
He Said, She Said…
14 Documenting the Investigation
Read Me
Internal Report
Declaration
Affidavit
Expert Report
15 The Justice System
The Criminal Court System
The Civil Justice System
Expert Status
Part V: Putting It All Together
Case Study: Now What?
Mr. Blink Becomes an Investigator
Time to Understand the Business Issues
16 IP Theft
What Is IP Theft?
IP Theft Ramifications
Types of Theft
Tying It Together
17 Employee Misconduct
What Is Employee Misconduct?
Ramifications
Types of Misconduct
Tying It Together
18 Employee Fraud
What Is Employee Fraud?
Ramifications
Types of Employee Fraud
Tying It Together
19 Corporate Fraud
What Is Corporate Fraud?
Ramifications
Types of Corporate Fraud
20 Organized Cyber Crime
The Changing Landscape of Hacking
Types of Hacks and the Role of Computer Forensics
Money Laundering
21 Consumer Fraud
What Is Consumer Fraud?
Ramifications
Types of Consumer Fraud
Tying It Together
A Searching Techniques
Regular Expressions
Index