There are many open source tools one can use with only minimal hardware to practice on. Tools such as http://sleuthkit.org and many others: http://www.opensourceforensics.org/.
There are also many great challenges on http://honeynet.org that walk one through the forensics of a compromised honeypot.
-
Ooooooh! This site is almost better than sex.....I must not be googling enough. I like I likeOriginally posted by highwizardLeave a comment:
-
I also like Guide to Computer Forensics and Investigations - Nelson/Phillips/Enfinger/Steuart I think its a generally good start for newbies.
I would also look more into books that polish professional skills. Keep your nose clean, and read a lot of law information, search and seizure, etc....Leave a comment:
-
Forensics
This is really being written in response to this post: http://forum.defcon.org/showthread.php?t=2506
But, if anyone else is truly interested in the art of Computer Forensics then here are some resources:
http://rr.sans.org - Has some good info, though, Personally SANS isn't one of my more favorite groups.
http://www.cert.org/csirts/resources.html - A list of Resources on the subject Matter provided by CERT
Books to read
Some of these books are good, some of them, IMHO, are crap. But you can be the judge.
Incident Response: Investigating Computer Crime by Kevin Mandia and Chris
Prosise
Cyber Foreniscs - Marcella/Greenfield
Handbook of Computer Crime Investigation - Casey
Computer Forensics - Kruse/Heiser
Computer Forensics - Vacca
Security planning and disaster recovery by Maiwald and Sieglein.
Incident Response by Van Wyk & Forno
Few of the SANS series books
There are many more resources out on the internet, but, if you are that interested in Comp Forensics, then I recommend spending some time with Mr. Google.
Being a CFS can be tedious, there are tools out on the market for the job, but if you want something done right... Write your own.
Leave a comment: