Thursday, June 12, 2008

Linux forensics book

This is a really short post...

I came across this book today and will be ordering shortly. Written by Chris Pogue, Cory Altheide, Todd Haverkos.

Some information about the contents:
The book begins with a chapter to describe why and how the book was written, and for whom, and then immediately begins addressing the issues of live response (volatile) data collection and analysis. The book continues by addressing issues of collecting and analyzing the contents of physical memory (i.e., RAM). The following chapters address /proc analysis, revealing the wealth of significant evidence, and analysis of files created by or on UNIX systems. Then the book addresses the underground world of UNIX hacking and reveals methods and techniques used by hackers, malware coders, and anti-forensic developers. The book then illustrates to the investigator how to analyze these files and extract the information they need to perform a comprehensive forensic analysis. The final chapter includes a detailed discussion of Loadable Kernel Modules and Malware. The companion DVD provides a simulated or "live" UNIX environment where readers can test the skills they've learned in the book and use custom tools developed by the authors.

1 comment:

Jamie Levy said...

Looks like a great book. I'll have to order a copy as well. I've been looking for a book like this for my class. Thanks for the heads up!