Announcement

Collapse
No announcement yet.

Forensics

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Forensics

    This is really being written in response to this post: http://forum.defcon.org/showthread.php?t=2506

    But, if anyone else is truly interested in the art of Computer Forensics then here are some resources:

    http://rr.sans.org - Has some good info, though, Personally SANS isn't one of my more favorite groups.

    http://www.cert.org/csirts/resources.html - A list of Resources on the subject Matter provided by CERT


    Books to read

    Some of these books are good, some of them, IMHO, are crap. But you can be the judge.

    Incident Response: Investigating Computer Crime by Kevin Mandia and Chris
    Prosise
    Cyber Foreniscs - Marcella/Greenfield
    Handbook of Computer Crime Investigation - Casey
    Computer Forensics - Kruse/Heiser
    Computer Forensics - Vacca
    Security planning and disaster recovery by Maiwald and Sieglein.
    Incident Response by Van Wyk & Forno
    Few of the SANS series books

    There are many more resources out on the internet, but, if you are that interested in Comp Forensics, then I recommend spending some time with Mr. Google.


    Being a CFS can be tedious, there are tools out on the market for the job, but if you want something done right... Write your own.

  • #2
    I also like Guide to Computer Forensics and Investigations - Nelson/Phillips/Enfinger/Steuart I think its a generally good start for newbies.

    I would also look more into books that polish professional skills. Keep your nose clean, and read a lot of law information, search and seizure, etc....

    Comment


    • #3
      Also check out: http://www.cybercrime.gov/

      Comment


      • #4
        Originally posted by highwizard
        Ooooooh! This site is almost better than sex.....I must not be googling enough. I like I like

        Comment


        • #5
          There are many open source tools one can use with only minimal hardware to practice on. Tools such as http://sleuthkit.org and many others: http://www.opensourceforensics.org/.
          There are also many great challenges on http://honeynet.org that walk one through the forensics of a compromised honeypot.
          =============<>

          (150+ security tools on a bootable CD fitting on a miniCD.)
          "Proving no 127.0.0.1 is safe."

          Comment

          Working...
          X