No comments about Investigating High-Tech Crime.

1 comments about Economic Espionage and Industrial Spying (Cambridge Studies in Criminology).

1. Author Hedieh Nasheri suggests that if James Bond were alive and well, he probably would be pounding a keyboard somewhere. Her book consists of an entertaining review of historic case studies of computer crimes and industrial spying, plus an examination of the laws that nations have passed in an attempt to stem the leaky tide of outgoing information. The book defines the magnitude of the problem and pounds the drums for greater international cooperation on security and protection of intellectual property, but it is short on real solutions. And who can blame Nasheri? When countries such as China and France bug airplane seats, break into hotel rooms, pilfer attaché cases and pay cash for pirated industrial secrets, why delve into international policing? We believe that reading this book is a sound place to start deepening the business community's education about this escalating problem.

5 comments about Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second Edition.

1. Reviewed: Hack Attacks Revealed, 2nd Edition, 2002

   I must say I am thoroughly disappointed with this book. The book's description, as well as other readers' comments led me to believe that this book would have been more than just a compilation of information that could be freely obtained at the dozens of security related web sites. Sadly, this was not the case.

   The bulk of the book merely describes (mostly outdated) common
   attacks/vulnerabilities, without getting into much detail why they exist and the underlying explanations on how they are exploited. As such the book reads like "For Vulnerability X, Install patch Y" without getting into more detail. Heck, even Microsoft's Security Bulletins give more info that this!

   Many of the "75 Top Hack Attacks" that the book promises can be freely found online (check CERT's site).

   The general impression I get from reading this book is that the author tried his best to fill up space in order to deliver an impressively thick book. Was it a requirement that he include SCREENSHOTS of various hacking tools/trojans, including step-by-step INSTALL SCREENSHOTS for the included TigerSuite software? (If you don't know how to install software then you need to develop more skills before learning about hacking!). Did he HAVE to include the useless 10 year old 'how to build a modem filter' BBS textfile (which by the way doesn't filter noise on modern modems)? Did the publisher mandate that he include 9 PAGES of Decimal-to-Hex conversion tables when you could use, say, Windows Calculator to do any needed conversions?

   Another thing I disliked was that Windows XP as well as Wireless networks (802.11/WEP were glossed over) were not really covered in the sort of detail that I desired.

   And, although I appreciate that a basic understanding of the x86 instruction set is required for better understanding low level security issues, I really don't see the point to Chapter 13's discussion on programming "How to Draw Circles in DOS mode" using the VESA bios interface. This is, in my opinion, not relevant considering the book's topic, so why include it? (A better choice would be explaining how the stack is used in high level languages (C, C++) and how buffer overrun hacks work). If you want to learn C, Assembly, or graphics programming buy a book dedicated to these topics. I think it's safe to say that the average reader will NOT become a programmer after reading the "Crash course in C" - it's an unreaslistic expectation.

   And to top it all off, the final insult to readers is the interruption of the author's hacking experience "Intuitive Intermission" with the phrase "... to be continued in: Hack Attacks Denied, 2nd Edition". I guess both the author and publisher want you to buy both books!

   My chief complaint with the book is that it doesn't seem to know who the reader is. In some areas the author gets down-and-dirty technical (x86 assembly/C programming) while in others he doesn't really explain details or just mentions things in passing (case in point: nowhere does he explain workings of a typical buffer overrun exploit, etc). Also, the author really does not give advice on how to secure or harden systems, aside from "install the update patch". For a book whose focus is security/hacking that's a pretty fatal flaw.

   Like I said earlier, this book really seems to me like the author just threw any material that he could find that was remotely related to hacking and presto, one hacking book ready to ship!

   If you are new to either the computer or security-related fields then perhaps this book may be of some value to you. If you are not an absolute beginner and know how to search the web, then I'd say that you probably don't need this book. Even if you do buy this book, it, like any security related book, will become technically obsolete as new software/exploits/patches are found.

   Quote: (under "Who should read this book?")

   "The hacking enthusiast and admirer of such films as Sneakers, The Matrix, Hackers, and Swordfish"

   If you still need another reason not to purchase this book, the above quote says it all!




2. I bought the 4th edition of Hack Attacks Revealed. This whole genre seems to be drenched in hyperbole and once again the marketing machine seems to have invaded these pages. The book does have copious basic information. The Tiger Tools are a very sick joke with barely any functionality or worth. Someone really should sue. The exploit code, which is unusually copious for a work of this ilk, does not of course in the main part work and I found only a very few of the very most mundane code would compile under MinGW, Cygwin or Linux, even after downloading the libraries specifically recommended by the online support team at tigertools.com who, to be fair, were prompt in their reply. No manner or library-jiggling and simple repairs sufficed: you've really got to understand programming sockets in C or perl to fix the average exploit. The hype of the titles and cover blurbs for this kind of book increases every season but the delivery remains as lame as it always has been. For anyone serious about taking a practical look at hacking time spent at securityfocus.org, neworder.box.sk or similar is in my opinion much more rewarding.



3. I was relieved to read that this isn't considered a very useful reference on How to Hack. Certainly Ch. seems at his most enthusiastic, frothiest, even foamiest, in talking about the wonderful world of hacking. Yeah, he repeatedly trots out the line about having to know how to attack to know how to defend, time after time, but ya' gotta' wonder where his heart lies (Okay, even Milton had this problem.)
   
   And that certainly is irksome if you, like me, are one of the growing number of people who have reluctantly become 'security amateurs,' and find ourselves reading 900+ page books, due to invasion of our privacy by amateur criminals. Whatever its merits for security professionals, this is probably not the book for you. It assumes too much technical background and doesn't provide sufficient detail on implementing various solutions. True, this may be covered in more detail in his other book, but including that we're talking 1800 pages...
   
   Editing would have helped, certainly. The 75 basic hack attacks are a useful overview on just how paranoid you should be, but the basic information about some of them is repeated up to 4 times, sometimes as boilerplate.
   
   I have seen a few books more suitable for amateurs, but the truth is that they aren't detailed enough to be helpful. I think that the only real solution to the security problem in the IT industry is to wake up to the fact that caveat emptor, 'professional ethics,' and self-regulation isn't working any better there than in health and safety, restaurant sanitation, the stock market or...well, you work it out. As long as it is only sort of illegal to break into someone's house as long as you use a computer, most geeks will do it.
   
   The ISPs aren't taking this seriously because they know people aren't much more likely to stop using e-mail than to stop using the phone, and most companiues were only kidding when they said they were interested in your problems.
   
   Once there are some laws with real teeth and real fines and real jail time, those who aspire to the appearance of respectability will go back to their regularly scheduled activities including tale bearing, beating the old lady, bothering the women (men) at work just enough to stay on the right side of the law, bitching about how the old lady (old man) doesn't want to screw, kicking the dog, pulling the wings off flies, and complaining how much better everything was in the good old days.



4. This book has done nothing to dispell my theory that the information
   content of a book is often inversely proportional to the number of pages
   in the book. I'm 200 pages into it and that's as far as I'm
   going to get. I expected some basic filler/theory in the first few
   pages, but plowed on in the hopes that the author understood
   the theory he was presenting and would use it later to explain security
   exploits. However, I lost all confidence in the book when
   I reached page 167, where the author demonstrates that he doesn't
   understand ping and/or DNS. I don't bring this up to nitpick. I bring it up
   because I think that anybody with pretensions to
   being a security expert had better know the basics of how the
   Internet works. How is anybody to make sense of, say, DNS spoofing,
   without knowing how DNS works?
   
   In case it's not obvious, the author confuses and muddles together
   the actions of resolving a DNS domain name to an IP
   address, and then using that IP address to send an ICMP echo
   request to the destination. This may seem like a minor thing,
   but its not just a typo (he makes the same mistake in three
   different places on page 167), and security is a confusing
   enough business without muddled descriptions like these.
   
   On a more minor note, I do not see the point in filling page
   after page with pretty pictures of the GUIs that hackers use
   at their end. The publishers probably know better than I do
   what sells today, but I don't understand why they and/or the
   authors apparently feel that the thicker a book is, the better.



5. John Chirillo has made a career of hacking. As a hacking consultant to Fortune 1000 companies part of his job is to break in to corporate networks to expose their holes and help his clients secure their networks. In Hack Attacks Revealed, he shares his knowledge of how hackers gain the information necessary to break into your systems.
   
   The book begins with a basic history and understanding of computer and networking technology. Mr. Chirillo covers the the protocols used and the purpose of the various ports used. The book also provides information on the scanning and network discovery tools used by hackers.
   
   (...)

No comments about The Best Damn Cybercrime and Forensics Book Period.

5 comments about Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It.

1. This book was painful to read. It is poorly written drivel. If you are truly interested in the topic, there are much better books written on Mitnick, Hacking/Phreaking, and/or computer security issues. With every paragraph that Shimomura writes about his love life (and there are plenty of them,) the book, (although calling it that is insulting to other books) continues on a long downward spiral into the absolute load of poop that it is. I feel sorry that paper was wasted to create this mess. I cannot believe I wasted several hours of my life reading this.



2. Fans of the Kevin Mitnick mythos will have a ball with this book dissecting everything that's wrong here. In the process of tracking Mitnick, Shimomura (and another important name, Markoff, whose relationship with Mitnick would be laughable if it didn't violate every concievable rule of morality) basically took free leave of both the law and personal decency. Mitnick became a "thing", and the two of them pushed that image of Mitnick to cover up the legal mess they would have been in if they'd been tracking some average Joe instead of Kevin Mitnick: The Man, The Myth, The Legend (again, an image which these two men essentially created).
   
   It's amazing to see how egotistical Shimomura is willing to be on the issue, and as noted by others, he shows this off in spades in this book. Shimomura and Markoff boh essentially believe that they are the lone men responsible for the takedown and capture of Mitnick, and that not even the dozens (hundreds?) of security firms and companies who spent millions of their own money tracking Mitnick deserve any credit at all. And in a sense, they are mostly correct- we wouldn't be talking about Mitnick today if Markoff and Shimomura weren't working so desperately hard to make money off of this story.
   
   If you're a fan of Mitnick, skip this book just because you don't want to give this man any royalties. If you're a fan of reading, skip this book because it's core is a mess of egotism. The only real reason to pick this up is if you have an insatiable urge to know every detail of this story that you can possibly get your hands on- in which case, it is another piece to the puzzle.
   
   I reccomend that interested parties check out Mitnick's own books: "Deception..." and "Intrusion...", as well as the fan favorite Jonathan Littman's "Fugitive Game".



3. I have The Fugitive and Takedown (this book) sitting in my room now. I borrowed both of them simultaneously. I had only heard of Mitnick before in anecdotes, and I thought it would be interesting to get both viewpoints.
   
   I started reading the Fugitive, but found it to read like a cheap B novel. The story jumped around in some sort of "stylistic" way that made it a bit incomprehensible and not very entertaining. There was a lack of coherence that made you wonder where it wwas going. The author also seemed to think that mentioning a lot of sex and drugs was the only way to keep the reader's attention.
   
   So about 80 pages through, I switched to Takedown, and finished it. I found it to be much better written and very engaging.
   
   All the negative reviews here are due to the fact that a lot of online people worship Mitnick, for some reason. I find him an interesting character, and definitely a skilled con-man. But he's no hero, no invincible genius.
   
   Shimomura can definitely be egotistical depending on your viewpoint, but it didn't bother me. It doesn't get in the way of the story, which was told beautifully and naturally.
   
   The story is engaging enough without having to dress it up in sensationalism. I'll have to go finish the Fugitive now to see if it can redeem itself.



4. Tedious, self-indulgent subplots. I dont care about Julia. No one cares about Julia. No one cares about where you eat or where you rent a car. These subplots REALLY screw-up the read. But the computer stuff is interesting enough. But somebody, please, toss Julia overboard.



5. Shimomura teamed up to write the most trivial, and boring details in this book about himself, and when he wasn't doing that, he was making up things about Kevin Mitnick. He never met Kevin Mitnick, he never knew Kevin Mitnick, he never had anything to do with Kevin Mitnick other than helping track him down because he was starved for attention and wanted to look like some super computer hero. Almost nothing in this book actually happened, I say almost because the only stuff that did actually happen were the trivial mundane details about Shumomura himself. Don't waste your time reading this sensationalist, tabloidian, garbage.

5 comments about Internet Forensics.

1. This book is written at a very low level. It is best suited to individuals with a very low experiance level; NOT for security professionals. O'Reilly has a number of good security books, but this is not one of them. Don't waste your money on it.



2. Do you have a professional interest in computer security; or are you a software developer and system administrator who take a broad interest in the Internet and how it works? Well, you're in luck! Author Robert Jones, has done an outstanding job of writing a book that shows you how to find the clues left behind at an Internet crime scene.
   
   Jones, begins with an overview of spam, phishing, and the other threats to today's Internet. Then, he walks you through the tools and techniques to retrieve information about Internet addresses and domain names. The author continues by reviewing the structure of email messages, how spammers forge message headers, and what you can uncover in spite of their efforts to hide. He also reviews the many ways that con artists conceal their identities and how you can see through their disguises. He continues by dissecting the operation of Internet scams by studying the pages and directories that make up a web site. In addition, the author next deals with ways to uncover information about web servers and their operation by looking at the headers records of standard web transactions. Then, he looks at what you reveal about yourself every time you visit a web site and some of the ways in which you can protect your personal information. The author continues by looking at techniques to extract information that lies hidden within PDF and Word documents. He also reviews the collection of miscellaneous techniques. He also reviews the many ways to search for similar features across multiple files; thus, allowing you to link together different Internet scams. He continues by looking at two in-depth examples of Internet forensics at work. Finally, he discusses how to combat Internet fraud and how you can play a part.
   
   This excellent book will show you how to uncover information that lies hidden inevery email message, web page, and web server on the Internet. You will gain an understanding of how the Internet functions.



3. Normally, I place little weight on the lowest and highest reviews for a book. In this case, I discarded the review "Far, far below O'Reilly's standards, February 7, 2006."
   
   However, after reading the book, I realized that this was the most accurate review. Is the book for Administrators or for home users? For UNIX or Windows users? The author would have you believe that it offers something for all. I disagree.
   
   Ultimately, it is so superficial and spread out that it is of little use to anyone. Why the author throws in a simple intro to IP Addresses and then seems to take up paragraph after paragraph on parameter options for Unix-based commands is beyond me.
   
   This book reads like bad spam - enticing the using with yet another title with catch words that are trendier than "free Vigra" - Internet + Forensics - both a limp approach to the quest for more money - yours and mine.
   
   Fight back - Don't waste your money on this book.
   
   Also notice that the author tries to gain our alliance and sympathies with his similar plight of spam email. If the guy truly is a security "expert" he should be spam-free. Free advice: Try a spam blocker, an email referral service, or just good system administration.



4. This book should be titled, Internet Security for Complete Idiots. If you think it's a good book, it's because you don't know much about Internet security. If you're a security professional and you think it's a good book, find a new career.



5. O'Reilly has had a hard time with their computer security lineup since they started expanding it a few years ago. While they have tried to focus on tight subjects with short volumes (this book at about 220 pages is no exception), these books often wind up being cursory treatments of the subjects, and in some cases downright wrong.
   
   Sadly, Internet Forensics is not an exception to this rule. While I like this book more than some of the other recent O'Reilly security books, that isn't saying much. We've come to expect clear, authoritative books or inspired tricks and tips type martial from O'Reilly's authors, and instead we're given unfocused, incomplete pages.
   
   To be fair, the topic of Internet Forensics is broad, not very well focused, and no one has written a good book on the subject. It's coming into the foreground, especially in this past year, as threat analysis has become popular. This is a new, wide open field, covering a broad range of malware, spam, phishing, and malicious website analysis coupled to tracking the origin and leading to takedown of the materials. However, this book doesn't really do a good job of much of that. And, at the end of 2006, some of the material feels positively quaint (even though it came out in late 2005). Although the author has defined his target audience in the introduction (infosec professionals, and software developers and IT operations people), I don't think they're well served with this offering.
   
   Chapter 1, an introduction to the book, is short and scattershot. Nothing promised in the preface is really delivered (no overview of spam, phishing, or other threats). Instead, it's just some writing with little focus. This tone carries throughout the book. Chapter 2 covers the basics of IP addressing (what the heck?! if you don't assume your readership knows this, they're in the wrong place), and then talks about DNS lookups with dig and whois. The people reading this should know how to use these tools already, where are the suggested requirements for the reader? Sadly, no tips on disambiguating whois results (p 22) are given, not an unexpected finding in this book. And we start with the inefficient Perl scripts, too. All in all, we're not off to a good start.
   
   Chapter 3 covers email, and sadly we waste time on the basics of email headers, and then go into making very good use of them. The coverage here is inconsistent and again, unfocused. By the time you finish chapter three with "is it really spam?", you're left wondering what the heck the author wanted you to learn. Chapter 4 is slightly better, focusing on on URL obfuscation. Sadly, none of the techniques given really hold up all that well any more. Again, we start with some basics and try and get somewhere, but along the way we're distracted and we've never really gotten a good sense of what's the objective.
   
   Chapter 5 on websites tries to cover some ground, but again, it's too unfocused. We talk about mirroring a site (why "wget -r" isn't listed, which is a common way of getting a malicious phishing site or directory, I don't know) and we even talk about SQL injection, but I don't know what the author is really after. It feels like random observations thrown in with no overall goals. Chapter 6 talks about web servers, and we talk about headers and redirection, and then delve into Netcraft stats (why?) and honestly I'm not clear what was useful here. This felt more like introductory material than anything useful. If the readers are infosec professionals, they should know what a web server header looks like and how to properly fingerprint the server.
   
   Chapter 7 is the complement to that, and talks about your browser. Again, some useful info, but it's incomplete. No real discussions about why you want to alter things other than some basic concepts. Chapter 8 talks about file contents, and there's some interesting basics on examining Word docs (track changes, strings, etc) but aside from some basics, there's not much great there. Sadly, no discussions on how to un-redact a PDF are given, just that it's been a problem.
   
   Chapter 9, which is a nice departure from solid technical materials, comes up short. It's incomplete and disappointing. Chapter 10 talks about pattern detection and signature creation, but again, this could have been beefier.
   
   Chapter 11, "case studies", is OK, but some better treatment to tie the lessons learned (or hopefully imparted) would have been nice. Finally, Chapter 12, "taking action", isn't very useful. No real great info or insight is here, and if you think that you'll be calling police departments about every phishing site, you're in for a sad wake up call -- there's just no way you can do that. One of the comments made in this chapter, specifically wanting to see a community response, tells me that the author (Jones) isn't well connected to the community that actually does track and respond to these threats.
   
   Internet Forensics is a poor attempt at this broad subject. While I appreciate the scope of what the author is trying to do, the execution is weak and suffers from a lack of focus or discipline. A book twice this size covering a fraction of the material, well executed, would have been a better offering. If you feel you must get this book, make sure you get it at a steep discount.

5 comments about Computer Forensics: Computer Crime Scene Investigation (With CD-ROM) (Networking Series).

1. With jails overcrowded this book certainly won't help.
   Great reference. Truly the "CSI" handbook of computer security reference. With hackers circling your computer like vultures this book gets to the root of what to look for and how to deal with it. Many examples of actual cases are referenced. A helpful reference CD is also included which is just icing for your hard drive.



2. Computer Forensics is very appropriate considering a number of data storage facilities that
   have been recently hacked into, resulting in theft of customer data. The subject matter of computer forsenic
   is logically presented from grounds up leading to a volume of valuable information. I was impressed with the
   case studies that appear in the appendix. The end of chapter exercises should be very useful,
   and thus could be adapted in a teaching environment. This text should form a companinon to the author's
   other text on Firewalls.



3. This edition of the book addresses the most current concerns/issues that every computer professional/layman should be aware of. The sheer amount of information offerd is impressive but, as always, presented in the same easy-to-absorb manner as John's numerous other books.



4. I was real excited when I saw this book that looked like the bible of computer forensics and it came with a DVD. The cost of 50 dollars made it expensive but with DVD that I hope would have video that I can watch.
   
   THe book is okay in giving a general idea of computer forensics. It was not very specific in what to do. It has an interactive part in which it give you general answer too not very thorough.
   
   Then, it goes on a tangent about warfare and cyber terrorism. It leaves the forensics behind. And the book goes over 700 pages.
   
   The DVd is intro to some fornesics software, I was hoping it had video
   to show people like me that are visual and can learn more this way.
   
   So, the book is okay but I would check others that are more specific and give more thorough details about computer forensics.



5. Vacca appears to have edited rather than written this, and none too well at that. Some chapters use British spelling and some US, some talk of Pounds Sterling and others Dollars. (For each of the five star reviews, examine that writer's other reviews see if you detect a pattern emerging.)
   
   Having said that, the book does present a fairly decent overview of computer forensics for those who want general information about it, and had it been advertised as such I'd have graded it higher. It offers little or nothing, however, to the practitioner or serious student.

5 comments about Charade.

1. If you ever felt betrayed this book will captivate you. And revenge? Yes it's in here...but you won't believe how it unravels. Gilbert Morris is dynamite when he puts his mind to the pen and paper. What a classic, unique twist from all the other fiction books I have read out there. It was a page turner let me tell you, another book you won't be able to put down.



2. Ollie Benson is an extremely overweight man who spends his days fixing computers in the back of a repair shop. He has no luck with women, and one blind date he goes on ends in an embarrassing manner. Ollie has no self esteem and no proper social skills. Ollie is also very smart and hits it big with a computer program that overnight makes him a millionaire. Dane Fetterman contacts Ollie with hopes of representing him in the fast paced software industry. While Ollie is rich he is still lonely. Then he meets Marlene, a beautiful woman who loves him for who he is. Soon tragedy strikes and Ollie is destroyed. Will Ollie choose the worldy way and seek vengeance on those who wronged him, or will God intervene with Ollie's soul and allow him to forgive those who wronged him?
   
   Charade is the fast paced new novel from Gilbert Morris. It is told in a quick, first-person point of view. The plot moves fast and never bogs down. It seems Morris knew the scenario he wanted to set up for the ending of his novel, so some of the plot devices he uses as part of Ollie's downfall seem a little farfetched, but it doesn't really detract from the story. Morris creates a world of people who have tons of money but lack in what really matters, God and morals. These people have everything but are always searching for more. I enjoyed his realist portrayal of sexuality in a Christian novel. Its nice to see an author acknowledge that sexual attract can exist in moral people.
   
   Morris' religious message is simple and isn't forced and the conclusion is quite predictable. I enjoyed this novel from beginning to end, in spite of Morris's implication the the Sierra Club is a worthwhile charity for Christians. In my opinion, while the Sierra Club might have lofty goals, they are in reality a left wing political organization that does more harm than good. Morris should leave politics out of future novels.



3. I never really connected with the characters. It seemed to me this was a hastily written book, and unlike other Morris books I've read, I found several obvious mistakes. Plus Morris repeated lines several times, as if each time he was writing it for the first time. I thought the ending was trite and quick, and what promised to be exciting, the whole revenge thing, was pretty much summed up in a few chapters. Sometimes books are subtly witnessing, but this one turned into a sermon! Not his best.



4. Story is about a very obese young man faced with societies rejections, lack of love, his struggle to confront his situation, and the pitfalls along the way. His few "friends" add to his difficulties until fate and a kindly "loner" set him on a corrective course. Book grabs you from the very beginning and is hard to put down. Highly recommended for adults young and old, of both sexes.



5. I enjoyed Morris' 3-mystery "Cat" series and decided to try another book by him.
   I quickly became involved with Ollie, the main character and his troubles as a fat man in a world that values thinness. The pivotal event in his life was poignant and horrifying. The clear parallels with "The Count of Monte Christo" made the story even more intruguing and it was fun to watch the transformation of Ollie from a sweet introvert into a vengeful charmer. An exciting and satisfying conclusion ended this enjoyable book.
   Apparently, Gilbert Morris is a prolific author in many, many genres. I'd like to read more of this kind from him.

1 comments about How Personal & Internet Security Works (How It Works).

1. I purchased this book online without getting a chance to look inside (the option was not available for this title...I believe I know why). In many cases buying a book by its title works out, but in this case it did not. Had I realized that this "award winning author of more than 30 books" also wrote a book called "Complete Idiot's Guide to Internet Privacy and Security", I certainly would have passed on the purchase.
   
   For a book of 280 pages, it contains very very little real content. Each chapter begins with a one page description of the topic (probably the most useful part of the book), followed by a series of two page spreads on each subtopic. Each two page spread is completely covered by a computer generated graphic, and 4 - 8 small paragraphs, enough to fill up at most 1/2 of one of the two pages. The graphics usually attempt to depict the subtopic, but most of the time there are a few items in the graphic that relate to the topic, but the graphics alone add no value to the topics, and often are a distraction from the few small paragraphs on the two pages. Had the graphics been absent, and the text condensed into normally spaced pages, no content or meaning would have been lost, and this would have amounted to about a 70 page book full of commonly known buzzwords and surface information many already know.
   
   As an example of how Gralla treats each subtopic, consider this analogy. If I were to read a book on how an automobile engines work, I would expect it to say something about the carburator, spark plugs, timing, camshaft, crankshaft, pistons, etc. The "Gralla" equivalent of this description would be something like "The gas goes in the engine, the spark plugs fire, and the wheels go round". For some, maybe that is enough. But for me, a book called "How Works" should tell you how it works!
   
   So, if all you need is the "gas, sparkplug, wheels" version of how things work in the internet security world, and you have $20 or so dollars to throw at it, then this is the book for you. However, if you would like to dig a little deeper, save your $20.00 and look for a more technical book on the subject, as I am off to do. What a big disappointment, and a waste of $20.

2 comments about Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition (Information Security).

1. This book is an excellent follow-on book to Computer Forensics: Incident Response Essentials by Kruse and Heiser, which introduces the fundamentals. This book goes much deeper and is more technical than the Kruse and Heise, therefore the ideal audience is practicing professionals who have prior experience in forensics and a wide range of hardware, software and network knowledge.

   Tools and techniques are presented in painstaking detail. I was unable to find a single gap or omission, which speaks highly of the editorial and review process behind this book's 464 pages. While most technical disciplines can dispense with finer details, the nature of forensics is to overlook nothing. If you find the step-by-step thoroughness boring that is an indication that forensics may not be your forte; if you're an experienced professional you'll appreciate the coverage of every technique or use of tools.
   
   While the discussion of tools and techniques will satisfy even the most experienced practitioner, I found the detailed discussion of legal aspects, HR considerations and overall security and incident response processes to be the book's strongest points. This area is what sets forensics experts apart from technicians, and it is here that the book (in my opinion) adds the most value. Procedures ranging from how to properly gather, preserve and control evidence, to legal considerations for designing processes are covered in clear language, as are US and international legal guidelines.

   Parts that I especially like include: intrusion management and profiling, up-to-date information on electronic commerce legal issues, the numerous checklists and cited resources, and the clearly delineated process for dealing with incidents.

   If you're new to forensics you will probably get more from this book by first reading Computer Forensics: Incident Response Essentials by Kruse and Heiser. If, however, you have previous computer forensics experience or are currently serving in that role this book is probably one of the best investments you can make.




2. I was looking for a book that would teach me how to do things. I can find lots of information on the internet, but I wanted techniques collaborated in one book by a professional. What I found was a lot of legal background, and historical background. I am not starting a computer forensics firm, but I do want to be able to track down, if some sort of mishap occurs. This book provides low level information, like dissecting Netscape, and going through and showing you how to track someone's steps through Netscape Navigator. I wanted some more practical knowledge that I could use to fight spammers, or to show me how to deal with intrusions on my system. I was disappointed with this book, but I hope that you won't be.