Cyber Crime Investigator’s Field Guide

Cyber Crime Investigator’s Field Guide - Second Edition
by Bruce Middleton

Hardcover
296 pages
6.25"x9.5"

retail $69.95
Our Price $55.95

• Analyzes the use of the latest evidence collection and analysis tools
• Details how to use evidence collection and analysis tools including AccessData's Forensic Tool Kit®, Guidance Software's
• EnCase® 3 & 4, ILook Investigator©, and a variety of tools from NTI
• Covers everything from what to do upon arrival at the scene until the investigation is complete, including chain of evidence

Many excellent hardware and software products exist to protect our data communications sytems, but security threats dictate that they must be further enhanced. Many laws implemented during the past 15 years have provided law enforcement with more teeth to take a bite out of cyber crime, but there is still a need for individuals who know how to investigate computer network security incidents. Organizations demand experts with both investigative talents and a technical knowledge of how cyberspace really works. Cyber Crime Investigator's Field Guide, Second Edition provides the investigative framework that needs to be followed, along with information about how cyberspace works and the tools that reveal the who, what, when, where, why, and how in the investigation of cyber crime.

This volume offers a valuable Q&A by subject area, an extensive overview of recommended reference materials, and a detailed case study. Appendices highlight attack signatures, UNIX/Linux commands, Cisco PIX commands, port numbers targeted by trojan horses, and more.

Table of Contents
THE INITIAL CONTACT
Chapter Questions

CLIENT SITE ARRIVAL
Chapter Questions

EVIDENCE COLLECTION PROCEDURES
Detailed Procedures for Obtaining a Bitstream Backup of a Hard Drive
Chapter Questions

EVIDENCE COLLECTION AND ANALYSIS TOOLS
SafeBack
GetTime
FileList, FileCnvt, and Excel©
GetFree
Swap Files and GetSwap
GetSlack
Temporary Files
TextSearch Plus
CRCMD5
DiskSig
Chapter Questions

ACCESSDATA'S FORENSIC TOOL KIT
Creating a Case
Working on an Existing Case
Chapter Questions

GUIDANCE SOFTWARE'S ENCASE
Chapter Questions

ILOOK INVESTIGATOR
Chapter Questions

PASSWORD RECOVERY
Chapter Questions

QUESTIONS AND ANSWERS BY SUBJECT AREA
Evidence Collection
Legal
Evidence Analysis
UNIX
Military
Hackers
BackTracing (TraceBack)
Logs
Encryption
Government
Networking
E-Mail

RECOMMENDED REFERENCE MATERIALS
PERL and C Scripts
UNIX, Windows, NetWare, and Macintosh
Computer Internals
Computer Networking
Web Sites of Interest

CASE STUDY
Recommendations

APPENDIX A: GLOSSARY

APPENDIX B: PORT NUMBERS USED BY MALICIOUS
TROJAN HORSE PROGRAMS

APPENDIX C: ATTACK SIGNATURES

APPENDIX D: UNIX/LINUX COMMANDS

APPENDIX E: CISCO PIX FIREWALL COMMANDS
PIX Command Reference

APPENDIX F: DISCOVERING UNAUTHORIZED ACCESS TO YOUR COMPUTER

APPENDIX G: ELECTROMAGNETIC FIELD ANALYSIS
(EFA) "TICKLER"

APPENDIX H: THE INTELLIGENCE COMMUNITY SINCE 9/11

APPENDIX I: ANSWERS TO CHAPTER QUESTIONS

Hardcover
296 pages
6.25"x9.5"

retail $69.95
Our Price $55.95

People who bought this book also bought:


Computer Crime Investigation	Digital Evidence and Computer Crime	Find It Online

TOP SELLERS

	org. $24.95 NOW $19.95

	org. $25.95 NOW $20.75

	org. $28.95 SALE $9.00

	org. $21.95 NOW $17.55

	org. $21.95 NOW $17.60

	org. $29.00 NOW $23.20

	org. $29.95 SALE $15.00

	org. $22.95 NOW $18.35

	org. $22.95 NOW $18.35

	org. $87.95 NOW $70.36

Home Publisher Editor Subscribe Advertise Bookstore Conferences Directory Classifieds Contact Links Sitemap Privacy PI Gear Private Investigator FAQ