Forensics Books
From SecurityForest
| Table of contents |
Hacking Exposed Computer Forensics
Name: Hacking Exposed Computer Forensics
Authors: Chris Davis, Aaron Philipp, David Cowen
Publisher: McGraw-Hill Osborne Media; 1 edition (November 1, 2004)
Pages: 480
ISBN: 0072256753
Description: Investigate computer crime, corporate malfeasance, and hacker break-ins quickly and effectively with help from this practical and comprehensive resource. You’ll get expert information on crucial procedures to successfully prosecute violators while avoiding the pitfalls of illicit searches, privacy violations, and illegally obtained evidence. It’s all here--from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits. Plus, you’ll get in-depth coverage of the latest PDA and cell phone investigation techniques and real-world case studies.
Ranking: 
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0072256753/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Hacker's Challenge
Name: Hackers Challenge : Test Your Incident Response Skills Using 20 Scenarios
Authors: Mike Schiffman
Publisher: McGraw-Hill Companies (October 18, 2001)
Pages: 300
ISBN: 0072193840
Description: Mike Schiffman has hit upon a great formula for Hacker's Challenge. Rather than try to research, fully understand, and adequately explain attacks that have taken place on other people's networks--the approach taken by too many writers of books about computer security--Schiffman lets network administrators and security experts tell their stories first-hand. This is good. What's better is that Schiffman has edited each of their war stories into two sections: one that presents the observations the sysadmin or security consultant made at the time of the attack, and another (in a separate part of the book) that ties the clues together and explains exactly what was going on. The challenge in the title is for you to figure out what the bad guys were doing--and how best to stop them--before looking at the printed solution. Let's call this book what it is: an Encyclopedia Brown book for people with an interest in network security.
Ranking: 
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0072193840/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Hacker's Challenge 2
Name: Hackers Challenge 2 : Test Your Network Security & Forensic Skills
Authors: Mike Schiffman, Bill Pennington, David Pollino, Adam J. O'Donnell
Publisher: McGraw-Hill Osborne Media; 2nd edition (December 18, 2002)
Pages: 352
ISBN: 0072226307
Description: Do you have what it takes to keep the bad guys out of your network? Find out with the latest edition of this best-selling book featuring 20+ all new hacking challenges for you to solve. Plus, you'll get in-depth solutions for each, all written by experienced security consultants.
Ranking:
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0072226307/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Network Intrusion Detection: An Analysts Handbook
Name: Network Intrusion Detection :
Authors: Stephen Northcutt
Publisher: Sams; 1st edition (August 15, 1999)
Pages: 267
ISBN: 0735708681
Description: Written to be both a training aid and a technical reference for intrusion detection analysts, Northcutt's book contains unparalleled, practicalexperience that can't be found anywhere else. With detailed explanations and illustrative examples from his own career, Northcutt covers the topic completely, from detect evaluation, analysis, and situation handling, through the theories involved in understanding hackers, intelligence gathering, and coordinated attacks, to an arsenal of preventive and aggressive security measures. Ideal for the serious security analyst, Network Intrusion Detection: An Analyst's Handbook is the tool that puts you in full control of your network's security.
Ranking:
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0735708681/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Network Intrusion Detection (3rd Edition)
Name: Network Intrusion Detection : (3rd Edition)
Authors: Stephen Northcutt, Judy Novak
Publisher: Sams; 3 edition (August 27, 2002)
Pages: 512
ISBN: 0735712654
Description: The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters.
Ranking:
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0735712654/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Incident Response and Computer Forensics, Second Edition
Name: Incident Response and Computer Forensics, Second Edition
Authors: Chris Prosise, Kevin Mandia, Matt Pepe
Publisher: McGraw-Hill Osborne Media; 2 edition (July 17, 2003)
Pages: 544
ISBN: 007222696X
Description: A strong system of defenses will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Incident Response aims to teach you how to determine when an attack has occurred or is underway--they're often hard to spot--and show you what to do about it. Authors Kevin Mandia and Chris Prosise favor a tools- and procedures-centric approach to the subject, thereby distinguishing this book from others that catalog particular attacks and methods for dealing with each one. The approach is more generic, and therefore better suited to dealing with newly emerging attack techniques.
Ranking:
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/007222696X/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Computer Forensics : Incident Response Essentials
Name: Computer Forensics : Incident Response Essentials
Authors: Warren G. Kruse II, Jay G. Heiser
Publisher: Addison-Wesley Professional; 1st edition (September 26, 2001)
Pages: 416
ISBN: 0201707195
Description: The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a "white hat" hacker in order to combat the criminal "black hat" hackers. The message is clear: if you're not smart enough to break into someone else's system, you're probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise in Unix/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and to probe your own systems.
Ranking:
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0201707195/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Forensic Discovery
Name: Forensic Discovery
Authors: Dan Farmer, Wietse Venema
Publisher: Addison Wesley Professional (December 31, 2004)
Pages: 240
ISBN: 020163497X
Description: The authors draw on their extensive firsthand experience to cover everything from file systems, to memory and kernel hacks, to malware. They expose a wide variety of computer forensics myths that often stand in the way of success. Readers will find extensive examples from Solaris, FreeBSD, Linux, and Microsoft Windows, as well as practical guidance for writing one's own forensic tools. The authors are singularly well-qualified to write this book: They personally created some of the most popular security tools ever written, from the legendary SATAN network scanner to the powerful Coroner's Toolkit for analyzing UNIX break-ins.
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/020163497X/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
