COMPUTER CRIME BOOKS
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Robert C. Newman. By Auerbach Publications.
The regular list price is $83.95.
Sells new for $71.05.
There are some available for $67.09.
3 comments about Computer Forensics: Evidence Collection and Management.
- This is the worst computer book I have read in a long time. If you already know about what data is, for names of different operating systems keep looking. The only part of this book that is about computer forensics is the part it says go to Devery University to learn the subject. Guess where the author teaches at?
- This book is a great survey of the field of computer forensics.
There are notable gaps in actual technical detail, and more information than I was ready to digest on the handling of the data once acquired -- mostly the legal hoop-jumping required to maintain chain-of-custody.
If you're a techie looking for a HowTo, keep looking. If you've already got a grasp of the how, but need the fine details of handling, this book is a good reference tome.
- "Computer Forensics: Evidence Collection And Management" by Robert C. Newman (Instructor of Information Systems in the College of Information Technology at Georgia Southern University) provides a coherent, systematic, and comprehensive analytical study of cybercrime, E-commerce, and Internet activities that could be used to exploit the Internet, the computers, and the various electronic devices employed by individuals, by government agencies, and by corporations. "Computer Forensics" addresses the many vulnerabilities and threats that are inherent to our computer age and presents the techniques and processes utilized by security personnel, investigators and forensic examiners to successfully identify, retrieve, and protect computer data as forensic evidence for litigation and prosecution. The first part of "Computer Forensics" is dedicated to exploring various crimes, laws, policies, forensic tools, and the information required to understand the underlying concepts of computer forensic investigation. The second part of "Computer Forensics" presents basic information relating to crime scene investigations and management, disk and file structure, laboratory construction and functions, and legal testimony. Of special note are the specific chapters concerning investigations involving computer systems, e-mail, and wireless devices. Presenting more than 200 key terms (with definitions supplied in the Glossary), more than 100 review questions and answers to solidify comprehension, offering optional exercises and cases emphasizing the book's content, two sets of forms with respect to forensic investigation and the procedures used in computer forensic laboratories, and a selected bibliography of special relevance for forensic professionals, "Computer Forensics" is the ideal textbook for college level computer science and information technology courses, as well as non-special general readers with an interest in the subject.
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Anne P. Mintz. By Information Today, Inc.
The regular list price is $24.95.
Sells new for $3.99.
There are some available for $0.01.
5 comments about Web of Deception: Misinformation on the Internet.
- This is an important collection of articles, written by people who have been leaders in analyzing information retrieval and content well before there was a web. This is an eye-opener even for other experienced information professionals but it is especially important for people who are relying on the web as their source of personal and professional information. Rather than scaring folks from using the web, this book is an incredibly useful tool in helping individuals, other researchers, teachers, and business people to use the web more effectively. Thanks to Anne Mintz and her colleagues for publishing this book and thanks to her employer for supporting her efforts in making us all more responsible users of web information.
- Web of Deception: Misinformation on the Internet is an essential read about a topic many of us deal with several times a day.
General search engines create the databases we search by finding what they can. No time is spent judging and analyzing the accuracy of the site or the reputation of the publisher. Fine, this is how general web search tools work but this is also why it's IMPORTANT that the searcher take a few moments and think about where the material is coming from and who is producing it. Mintz has assembled an all-star roster of experts to provide the reader with the information and skills needed to recognize, understand, and deal with web credibility and authority issues.
- "Web of Deception" is a wake-up call to adult on-line users of the Internet and arguably the most important book of the Cyber Age to date. Its focus is on the deliberate deceptions on the Net that can wreak havoc on your health, privacy, investments, purchases, business decisions, and legal affairs.
Editor Mintz and her collegial experts wrote the book not to scare but to empower Internet users to take control. "Web of Deception" should be required reading for Internet users and in all computer classes. It can also be a valuable text in a course on the Dark Side of the Information Age.
- This is an invaluable resource for information professionals in any realm, be it the corporate boardroom or the neighborhood public library. Its many contributors give insight into how the Internet is being used to disseminate information, and how online communities function. This book is not engendered by fear, but out of the reality that misinformation (erroneous information) and disinformation (malicious information) abounds on the Web, and real harm can be done. I hope that the editor and contributing authors will update it, given new trends in online communities, and the many changes in the world of search. If I may suggest the title: "Web 2.0 of Deception."
- If we thought about where material comes from and who is producing it, it can be a slippery slope! A book the author cites in the very first page of the introduction (i.e. David Duke...) is a book all about how we should rebel against the information coming from Hollywood because it is mostly Jewish (as the Jews readily acknowledge) among other things. Further, she talks about Dr Martin Luther King Jr. and websites supposedly giving false information about him -- such as the fact that he plagiarized his doctoral thesis (among other writings). This is actually true. There was an inquest about it at his university, and they found entire pages lifted almost completely verbatim from another thesis and other sources. They decided not to revoke his PhD because of his reputation and because they said it "would serve no purpose". While the spirit and idea of this book is excellent, the authors do a bad job of verifying and researching the weighty issues they are addressing. FAR from simply attending to the intent of the websites, we need to still stick to FACTS! Intent is just one thing we have in our arsenal of deception-busting! FACTS are the MOST important! I was ironically left with a feeling that the authors did not just want facts, but had a political agenda which made the book one-sided. Facts, and objective truth can solve the world's problems, but only if we lose our biases all around -- even our own pet ones.
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Dan Verton. By McGraw-Hill Osborne Media.
The regular list price is $24.99.
Sells new for $6.00.
There are some available for $0.05.
5 comments about The Hacker Diaries : Confessions of Teenage Hackers.
- This book will change your view of what you thought of the typical teenage hacker. This book has 8 stories about teenage hackers, as the title shows. The chapters on average are 20 to 25 pages long, so the author does not have very long to go into deep detail of each hacker or group of hackers. He delves into their family lives some but does not have long to go for their hacks and exploits.
Some of the characters are as follows:
1) Genocide, who grew up in a shack in Alaska with no electricity, telephone or running water.
2) There's Joe Magee and Noid, who were complete opposites, but curiosity in the family's new VCR would start their interest in computers. An interesting story from the book about Joe and the family VCR was when he was 10 he had a problem with insomnia and late-night eating because of it. So one night with such a problem he goes downstairs to make a PB&J sandwich, and when he thinks he is going to get busted he shoves the sandwich into the VCR, and a sure mess came about with the heat melting the jelly.
3) There's Prometheus and Explotion, with Prometheus being a self-proclaimed Satan worshiper living to deface Christian and religious websites.
One of two out of this group that really amazed me was 15-year-old Anna Moore, who had computer-friendly parents. At age 4 she could read at a 3rd grade level. She also was the first female hacker to win the ethical hacking contest at the annual Defcon hacker convention in Vegas.
The other one that was really amazing is H.D. Moore, who started hacking at age 13 and who got a job working for the Air Force before he was 18. He developed on his own a lot of programs that are used today and even gave a big presentation at a convention at the age of 17.
I said at the start that this book would change your view of hackers, in that they are not the teenagers that TV and movies portray or what most of us probably think of. They are the kid next door, the star quarterback and such, not as a lot the evil names they choose as shock value, and that most of these kids go on to productive lives, seeing that hacking has become something other than what they viewed it as, a way to share info, and despise those who made money from it, to now the feeling that the most modern day hackers are only concerned with damaging and destroying websites. This book is a little hard to get through if you are a computer novice as far as the terminology.
- This book is one of a few that provides insight into hackers, security personnel, and cybercrime investigators through first-person interviews. It reads much like a magazine article or investigative newspaper report.
The title implies that we will get a very personal glimpse of hackers, as if reading their diaries. That is not the case. We only get what the hacker is willing to say to the interviewer, so there is a level of info we don't get to see.
As a computer geek myself, I expected more technical information, but the author saw need to explain what things like "telnet" mean. If you are not a technical person, you will be able to read this book without being left in the dark on anything. But geeks like me will be left wondering more about specific techniques and tools used, while bored at the basic information provided.
I don't have a lot of time or patience, so the fact that I read this book cover-to-cover without giving up on it means it has some value, though it leaves something to be desired. It is not a book that will change your life or give you a deep insight, but it is an interesting read.
- This book is horrible. Hackers are the people who commit crimes using computer, Hackers are people who are expert programmers. A better book would be "Hacker: Heroes of the Computer Revolution".
- This is one of the only books that directly talks about teenage hackers and one that tries to change the people's and the media's perception about a hacker. It does not, however, do a great job of conveying this message, at least that is what I thought. The preface starts as a restatement of the well-known Hacker's Manifesto authored by Mentor a decade ago. The book will not appeal to the technical audience, since it is mostly a novel. One issue that I really found serious in the book was that the message is contradicted. Although the book wants to convey the message that hacking is bad and people who practice it are normal teenagers who might be cutting your grass, the choice of characters was nowhere normal. The characters are mostly from divorced parents, living with no water in their house, picking fights, getting arrested, and getting expelled from school; hardly the norm for the average teenager IMHO. A couple of technical inaccuracies were also spotted in the text and there is a huge gap in the time line described between the day the hacker fiddled with his first computer and the day he started to break computers. Other than that issue the book is a good read although it does really appeal to my technological taste.
- I can recognize Dan Verton really did a lot of researching for writing this book but, despite all of it, it's a bad book. Excepting HD Moore I never saw any of those hackers interviewed. The tales are very uninteresting. A mom from a friend of mine liked it and probably my mother will.
Posted in Computer Crime (Saturday, March 20, 2010)
By Corwin Press.
The regular list price is $31.95.
Sells new for $18.00.
There are some available for $34.75.
No comments about Cyber Kids, Cyber Bullying, Cyber Balance.
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Joel McNamara. By Wiley.
The regular list price is $35.00.
Sells new for $14.85.
There are some available for $8.88.
5 comments about Secrets of Computer Espionage: Tactics and Countermeasures.
- You and your computer face a dizzying array of security threats, writes tech consultant Joel McNamara. Competitors, cops, crooks and even disgruntled kin would love a peek at your hard drive. But don't hyperventilate just yet. If you calmly analyze the desirability and vulnerability of your secrets, you can figure out how to protect yourself. McNamara's prose is surprisingly clear given the degree of difficulty of his topic, and he offers a number of useful sidebars, charts and examples from inside the tech business to juice up his instructional tome. We suggest this practical book to managers charged with protecting corporate data, and to people who are unsure just how safe their computers are.
- The "Secrets of Computer Espionage" by Joel McNamara unveils what every PC user should know before they hop on to the internet Bandwagon. If you can read this review, then you need to purchase this book. Cyber Crime is the number one precursor to identity theft and the simple truth is -- Internet Security is YOUR responsibility.
Joel McNamara makes you walk a mile in the bad guys shoes, forcing you to see both sides of the story. You will learn the real threats behind internet worms (such as Sasser) and trojan horses (like MyDoom). Discover why Windows(tm) isn't safe and learn who's after your PII (Personally Identifiable Information). View the world through the eyes of an internet private eye and see that everything really is an open book, it just depends on where you look. Let Joel be your guide. Buy the ticket, take the ride... then go to www.pcpitbull.com and see what's really inside.
- Judging from the title, Secrets of Computer Espionage: Tactics and Countermeasures would appear to be geared to governments, security agencies, or high-level corporations. In fact, as the author makes clear, anyone with an Internet connection is a potential target of online espionage-even by such "mundane" means as viruses, worms, and phishing attacks-and this book is addressed to that huge audience.
Just who is spying on whom? The author explains that the typical person might be a target of bosses, friends, family members, hackers, and many others. Even people with nothing confidential or of value on their computers risk getting caught up in espionage and other cyber capers. For instance, hackers can use their computers as vehicles for staging attacks or as a location for storing illicit files, such as child pornography. And as more cell phones and PDAs connect to the Internet, the risks multiply.
What may be disturbing to some readers is that every computer device and peripheral provides at least one avenue of attack. The author explains many of these schemes, such as keystroke loggers and cleartext file transfers via file transfer protocol (FTP). In addition, operating-system and application-level vulnerabilities constitute even more ways that systems can be compromised.
Despite the grim picture painted by the author, the book isn't intended to make readers paranoid, but rather to acquaint them with the many risks posed by the Internet. This excellent book shows that someone quite possibly is out to get you, but it provides the tools to protect yourself.
- Secrets of Computer Espionage: by Joel McNamara is a must for any PC user. Staffed with so many examples (with a conversational funny tone) the book does a really good job. The book stresses the vulnerabilities and threats, explains in detail the evolution of spy tactics and network eavesdropping, and provides countermeasures as well.
It's good to know what's around us and be in the know!
Recommend ****
Guzman, Dror
- Secrets of Computer Espionage: by Joel McNamara is a must for any PC user. This book is worth reading; it stresses the vulnerabilities and threats that so many people overlook. It also explains the evolution of spy tactics and network eavesdropping, and provides some countermeasures as well.
I don't know how I survived in the computer world for so long without this book. It is one of my favourites, and I take it with me almost everywhere I go. This book is very thought-provoking. As a computer technician and law enforcement officer, this book is very valuable to me; it helps you to get into the minds of identity thieves.
I highly recommend this book, it is worth buying.
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Chad Steel. By Wiley.
The regular list price is $39.99.
Sells new for $16.88.
There are some available for $15.95.
3 comments about Windows Forensics: The Field Guide for Corporate Computer Investigations.
- Just read through my copy of this book. I do Cisco work as a CCSE and SANS certified network security specialist, but have been called on to do some investigations at work as the resident "security geek".
I read Brian Carrier's book on file system forensics, which is much deeper into data structures and is a very good book, but this book gives a better holistic look at investigations. We run a mostly Windows shop, and I'm happy to see a book that doesn't just cover Unix stuff. I want to pick up Windows Forensics and Incident Recovery next and see how they compare.
Definitely recommend!
- I have to say, like the next geek, I get frustrated by the lack of Linux/Unix use on the desktops of the corporate world; however, the fact is that Windows desktops outnumber Linux/Unix desktops by way more than 100:1. For this reason, it has been very frustrating to me that so many security books focus on Linux/Unix. I don't care if it's the best platform (though I agree); it's not the most common and we need tools on and for Windows.
This book tells you how Windows file systems work and how to perform forensic analysis on these systems. However, it's more than this - it is a great all around book on forensics analysis and the computer crime investigation process. I highly recommend this resource.
Tom Carpenter - Author: CWSP Certification Official Study Guide
- I decided to read and review three digital forensics books in order to gauge their strengths and weaknesses: "File System Forensic Analysis" (FSFA) by Brian Carrier, "Windows Forensics" (WF) by Chad Steel, and "EnCase Computer Forensics" (ECF) by Steve Bunting and William Wei. All three books contain the word "forensics" in the title, but they are very different. If you want authoritative and deeply technical guidance on understanding file systems, read FSFA. If you want to focus on understanding Windows from an investigator's standpoint, read WF. If you want to know more about EnCase (and are willing to tolerate or ignore information about forensics itself), read ECF.
In the spirit of full disclosure I should mention I am co-author of a forensics book ("Real Digital Forensics") and Brian Carrier cites my book "The Tao of Network Security Monitoring" on p 10. I tried to not let those facts sway my reviews.
WF is a great guide to forensic investigation of Windows. By this I mean WF presents Windows from the perspective of the important directories, files, and registry entries that help an analyst discover malfeasance. WF also covers some of the core applications one would expect to review during host-based forensics, like email, Web browsing history, and P2P application usage. I expected coverage of popular Windows application formats relevant to investigations, like .doc, .ppt, and .xls, but those were missing.
WF addresses the core operational aspects of host-centric forensics, like forming a team and acquiring evidence from live and dead targets. I did not think these sections were as good as material from what I consider the book best suited for all-around hands-on forensic use -- "Incident Response: Computer Forensics, 2nd Ed" by Mandia, Prosise, and Pepe. Live response is one area where I thought WF didn't shine too brightly. I did like the frequent mini-case studies which shared stories from the author's investigative experiences.
A few other aspects of WF resulted in me offering a four star review. I thought the discussion of "vampire taps" on p 157 revealed a real lack of contact with modern network monitoring methods. I don't know anyone who uses or recommends such a contraption in an era of network taps. I continue to question the need to build so-called "sniffing cables," especially when proper interface configuration serves the same purpose. Furthermore, a remotely managed sensor will not be able to hide its traffic on the network anyway, so savvy intruders can usually find them (unless a completely separate management network is run out-of-band). "Chapter 7" was also way too short -- 2 pages!
Although I liked the case studies, I thought there were far too many "gray box" entries. These contain useful hints, but their frequent appearance sometimes interrupted flow of the book. This indicates a need for better organization. Finally, I felt the recent Syngress book "Winternals" did a decent job explaining how to analyze malware, rootkits, and rogue processes on Windows. WF didn't explore this key aspect of Windows incident response.
Overall, however, I would recommend reading WF if you need to understand data sources from Windows systems. I suggest concentrating on the sections that explain where you'll find quality information on Windows, and rely on other sources for generic forensics guidance. I could see readers using WF as a primer for learning about key Windows artifacts, then searching for them in the image files in "Real Digital Forensics."
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Les Henderson. By Coyote Ridge Publishing.
The regular list price is $29.95.
Sells new for $26.95.
There are some available for $24.89.
5 comments about Crimes of Persuasion: Schemes, scams, frauds..
- A must-read. The author describes in details many different types of scams through which people get defrauded. The book is also fun to read because it shows how the scammers use people's psychological traits (like greed, insecurity, or even loneliness) to get them to part with their money. It's very interesting and you can actually see analogous strategies being played out in TV commercials or even in your daily interactions with people who try to get things from you. I feel much more prepared to deal with life after reading this.
- I bought this book after looking at the table of contents and seeing the plethora of cons that can be done to people and businesses. I wanted to use the book as a comparative to ethical marketing. Well guess what? You can argue that the con man and the businessman use the same tactics!!!! Indeed, in this book there are some straight cons that are blankety illegal, but others really aren't so cut and dry. Some methods that marketers use and "get away" with you can find on infomercials past and present. Some of the biggest names and best selling products and services in history have been used by marketers using some of the methods in this book. I think the blur between what's legal and illegal can be a matter of what the government and law enforcement choose to do with a company.
This book was an eye opener and I thought that there is no way I could be conned, but, I see as the author pointed out that anyone can be conned, including the author with all his knowledge.
My only caveat is that a consumer can read this book and may think that everything is a con because the con man and legitimate companies are so much alike. The real difference is what is deemed as value by consumers, lawyers, gov't and all who choose to be involved.
My only other complaint is that I was left wanting more details!! Things such as the economics of the con and cost analysis of hiring and building the company of each con and a whole lot of other specifics which probably would've catapulted this book to 1000 pages!
- This book gives a great overview of con artists and their work. It offers a much needed balance given the media's tendency to glorify con artists and the crimes they commit. The focus on the victims is a wonderful aspect of this work.
Although they are psychopathic and antisocial, they are not loners. Con artists have many relationships and I have been most interested in their family relationships. I highly recommend this book to people who are the family members of convicted and suspected con artists. This book will help you come to grips with the real person behind the con and it is not pretty!
The author (Henderson) does a great service as he points out that con artists cannot work without accomplices. Often people become unsuspecting accomplices when they endorse a con artist or his/her business.
- ----------------------------------------------------------
"Imagine then, a worthless item covered in gold dust so fine that while appearing lustrous, a simple puff of wind or breath reveals its true value." p.5
----------------------------------------------------------
I own the first edition (2000). I believe Les both wrote and published it himself. There is so much raw data here, I think an editor would have provided some measure of control. That's one explanation for the book being over 600 pages long. Another culprit is the large font size. I suppose one justification for that might have been the anticipated readership, i.e., senior citizens who might be scam targets (and who I suppose have bad eyesight!).
Still, the author is to be commended for tracking down these scam artists. If the book is not as attractive as one from a major publishing house, so be it. The message is still valid, and the cost of purchasing "Crimes of Persuasion" must surely pale in comparison to the potential for lost life savings.
After all, it is easier than ever to get scammed and we must always remain vigilant. Is an offer too good to be true? Then it probably is. While not advocating paranoia, I believe a healthy degree of skepticism will prevent criminals from taking your money easily. As well, there is a responsibility to keep an eye on our elderly relatives who are, it must be said, ripe for the picking. Many older people have a trust and respect for their fellow citizens which can be exploited. They also may be unable to fact check or do due diligence online.
----------------------------------------------------------
"Offenders routinely include an element of urgency in their pitches, stressing that the prize, investment, or other item being offered will not be available unless you send the required funds quickly." p.13
----------------------------------------------------------
This book covers many variations of scams, some popular, some less encountered. Pyramid schemes, Ponzi schemes, chain letters, Nigerian 4-1-9 ("The manufacture of impressive stamps and letterhead is now supported by a huge infrastructure funded by the huge success of this industry." p.522), lottery and sweepstakes, medical billing, money clubs, affinity fraud, and much, much more. Even other ways of separating yourself from your money, such as boiler room telemarketing, or face-to-face street scams like the pigeon drop.
Ever received a series of calls (or newsletters) accurately predicting market trends or even specific stock movement? Here's the magic behind the curtain:
----------------------------------------------------------
"The scammer began with a calling list of 200 people. In the first call, he told 100 that the price would go up and the other 100 were told it would go down. When it went up, he made a second call to the 100 who had been given the "correct forecast." Of these, 50 were told the next price move would be up and 50 were told it would be down. The end result: Once the predicted price decline occurred, he had a list of 50 persons eager to invest." p.90
----------------------------------------------------------
In addition to the concerns I mentioned at the outset, only five pages of "Solutions" at the very end of the book seemed light. The pagination as it relates to the Table of Contents was also askew. Hopefully the 2nd edition (2003) remedies these issues, and is more readable. I'm guessing so at least on the latter point, since it is listed at a slimmed down 436 pages.
Once you are prepared with the knowledge and insight to repel scammers, you can watch late-night Get Rich Quick infomercials just for the fun of it.
----------------------------------------------------------
"The unnaturally happy and enthusiastic audience is paid to applaud and look dumbfounded as each new feature is revealed." p.482
----------------------------------------------------------
Further reading might include License to Steal and The Big Con:
License to Steal : The Secret World of Wall Street and the Systematic Plundering of the American Investor
The Big Con: The Story of the Confidence Man
- If you are interested in protecting yourself from different types of "once in a life type opportunities", then read this book. There are several good books on this comprehensive topic. I found this one an easy read. It covers all of the major (and their variations) frauds/schemes you are likely to encounter. I have taken many proactive steps after reading this book to protect my identity and myself.
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Harlan Carvey. By Syngress.
The regular list price is $59.95.
Sells new for $57.96.
There are some available for $42.82.
5 comments about Windows Forensic Analysis Including DVD Toolkit.
- I purchased this book a few days ago, and as soon as I read the first chapter, I realized that I needed to read the entire book as quickly as possible. This is a wonderful book, and parts of it truly invoked a state of "nerdvana" in me!
PRO's:
First, I will say that the information in this book is tightly packed. There is no unnecessary verbiage, and the writing is direct, to the point and understandable. There is a high ratio of technical content to noise, and this greatly contributed to my enjoyment of the book. Even in the technical areas that I was already familiar with, I found the summary of the information to be precise, accurate and helpful. I can see keeping the book around as a reference guide for years to come. The general structure of the book, for example the sections in grey boxes with the [!] annotation, works well, and the end-of-chapter summary and review (particularly the Q&A) are good.
There were several sections, ones that I was personally weak in to start with, that I found particularly helpful, such as the sections on analyzing packed or compressed executables and malware. I had just never gotten around to reading the whitepapers on these, and I'm glad I didn't as those chapters of the book summarized in a few pages what would have taken many more to pick up by reading other original sources. I personally thought that the chapter-to-chapter flow of the narrative was fine for anyone who does incident response on a regular basis.
Through the years, Harlan Carvey has developed and made available his tools in an open (Perl) format with no need for compensation. The tools on the DVD alone are worth the money of the book, and are a great addition to any IR toolkit. The references to third-party tools, many of which I hadn't heard of, were also particularly helpful.
CONs:
If you are not very technical, or not very familiar with the Windows operating system, you may be overwhelmed by the level of technical detail. If you are an experienced administrator, however, you should be able to adapt what you know about other operating systems (e.g. file structures, process execution, etc.) fairly easily. There were a few typographical errors in the book that didn't detract from its readability or technical accuracy.
All in all, an excellent book, and a must-have for ANY Windows incident responder.
- This Book is great for beginners in the field of Forensics or veteran Forensic specialists in the field. The Author gets right to the point, and gives many real world examples and scenarios that any forensic investigator would find themselves dealing with. The Chapters do a great job of referencing the available tools on the included DVD disc.
I can't wait for the Second Edition of this series to be released soon!
Paul Chavez
- It's a must for starting forensic analysis, especially on live systems. Maybe you can find the same information unorganised in forums, but time is money so spend it wisely.
- This book is well written and a great asset to anyone doing computer investigations and forensics.
- Harlan continues to give us a fascinating look "under the hood" from a forensics perspective, this time stepping away from Incident Response and into the operating system that must be examined. His work continues to be readable, detailed, and includes a DVD with extensive tools, many written by him. A jewel in my forensics library, again!
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Gregory D. Evans. By Cyber Crime Media.
Sells new for $24.95.
No comments about How To Become The Worlds No. 1 Hacker.
Posted in Computer Crime (Saturday, March 20, 2010)
Written by Chris Pogue and Cory Altheide and Todd Haverkos. By Syngress.
The regular list price is $62.95.
Sells new for $37.98.
There are some available for $37.99.
4 comments about UNIX and Linux Forensic Analysis DVD Toolkit.
- The first few chapters lead the reader gently into appreciating the differences between Windows and *nix based nomenclature. There are a number of practical tools covered which would assist any Windows investigator to perform post forensic analysis. The tools needed to get the job done on *nix boxes are covered more than adequately. Chapter 4 introduces the reader to some practical advice on triage and live data analysis, there are some useful practical exercises using search techniques and the author shares his experience offering some good practical advice on narrowing the search to relevant areas of investigation. Chapter 5 provides some of the best examples I have seen of the "top 10 hacking" tools covered. This should inspire any reader to appreciate how best to investigate against such "tools". This chapter inspires the reader to conduct their own research in a laboratory environment with just enough of a sweetener provided in the examples to encourage them to do so. Chapter 6 takes the reader on an insightful tour of the /proc filesystem highlighting some of the key areas an investigator needs to know in terms of live analysis and key areas for volatile data capture. There's a small additional section on the sysfs which covers additional areas of interest relevant to the investigator. Included in this chapter is an insightful walkthrough of an investigation further reinforcing the ideas presented by the author. Chapter 7 guides the reader through the filesystem, highlighting key areas such as configuration files. The author also provides the reader with some inventive techniques for investigation. Although a short chapter it concisely provides enough detail to assist the reader in their investigations. Chapter 8 contains detailed instructions on the use and installation of anti-virus/malware software with a good overview provided by the author of Linux file permissions/security.
The final appendix is a worthy addition providing a good overview of auditing and logging not just on *nix but includes Windows, firewalls, router, IDS and IPS systems. It provides a complementary addition to the literature.
Summary.
The author has sought to introduce the reader to a very wide subject area, which considering the diversity of Unices is a brave and audacious move. It is quite amazing how much the author has managed to cover and condense into only 8 chapters and an appendix. The authors clearly have a vast amount of forensic experience especially with regard to incident response, providing practical and sound advice to the reader. There are a number of other sources hinted at by the authors which shows thorough research benefiting this literature and ultimately the reader. This book provides the reader with a perfect introduction to UNIX and Linux Forensic Analysis, additionally it should also benefit forensic investigators from the Windows centric world in grasping some of the power available with Linux and Open Source tools. This should allow the reader to complement their own arsenal of investigation tools and techniques with a complementary set of Linux forensic CDs and methodology. This is a book I would heartily recommend to experienced computer forensic examiners and those starting out. Especially to those investigators more used to the Windows environment. The book is clearly an introduction and hints at more to come. I very much look forward to reading more material from the authors covering more advanced topics in their next book. The final paragraph of the synopsis clearly says it all.
- The authors initiate a very interesting subject, with a very easy, informative style of delivery. Looking forward to going through more advanced material by the authors with such valuable information.
- I don't often write reviews, but after reading this book, I decided to write one. Not because this book was excellent, but because I was quite disappointed. I am not an expert in *nix security by any means; however, this book is extremely basic. The target audience for this book is someone who has little or no knowledge in Linux or Unix internals and security.
If you already know Unix or Linux, but are not familiar with tools like Nessus, nmap, wireshark, tcpdump, netcat, etc... just go directly to [...], where you can find the compiled list of the top 100 security tools from the nmap-hackers mailing list.
What a waste of time and money.
- The title may mislead readers to believe that this book discusses actual forensics of Unix and Linux systems. It does not. The authors waste precious pages in this short book discussing their favorite cool Linux apps like Nessus and Metasploit but don't have any meaningful discussion about the various flavors of Unix: AIX, Solaris, *BSD, etc. Their "Unix and Linux" forensic book is almost entirely about Linux. There is no thoughtful discussion about filesystem forensics; no technical detail helpful to Forensic Examiners.
The few moments where the authors approach a meaningful forensic topic, the reader is redirected to an online resource rather than provided an analysis or explanation within the book.
The book title may lead readers to believe that an accompanying DVD contains a Unix forensic toolkit of some kind. In fact, there is only 1.8 MB of documents and no tools save for a few (4) short Bash scripts that hardly cover a thorough forensics examination: live or otherwise. One of the scripts is only one line. One of these documents is an incomplete 3.5 page summary of Sleuthkit tools. By "incomplete" I mean that it is apparent that the author decided to quit writing. Apparently there was no room in this 236 page, 14-gauge font book to cover in any detail the different Unix filesystems, data acquisition, data carving or static filesystem analysis. But the authors make plenty of room to discuss scanning with Unix tools (nmap, nessus, etc.).
There is a section entitled "Malware" except that no malware sample is actually examined. The reader is briefly introduced to Panda's AV scanner and is walked through how to use ClamAV as if that is the only AV scanner available for either a Unix user or Forensic Examiner. Forensic Examiners should pay very close attention to AntiVirus product comparative reviews.
The book cover boasts that this is the "only digital forensic analysis book for *nix". Indeed there may be little in the way of books solely dedicated to Unix forensics but other books cover Unix forensics with greater detail than this one. For example, Brian Carrier's "Filesystem Forensic Analysis" or Jones, Bejtlich and Rose's "Real Digital Forensics".
The book cover also boasts that readers can "Hit the ground running" with the information within. Unfortunately, if readers expect the content to help them bridge a gap between Windows and Unix, they will hit the ground with a resounding thud. If any Forensics Examiner finds value in the content of this book for actual Unix forensic investigations, I would question that examiner's experience and training.
If the authors wanted to write a book about cool Linux tools or network scanning, they should have entitled the book differently. Perhaps "A Beginner's Guide to Using Linux and Linux Security Applications".
I felt the title was misleading and false advertising. The authors take advantage of the word "Forensics" to sell a book that is not about forensics. For $53.95 I expected much more and was extremely disappointed and disgusted at the inferiority of the content.