Do not forget Brian Carrier's EXCELLENT book, "File System Forensic
Analysis".
This book and "Real Digital Forensics" were VERY HIGHLY recommended by
my mentors...
Chip Meadows, CISA, CISSP, CCSE
"The significant problems we face cannot be solved by the same level of
thinking that created them"... Albert Einstein
My opinions, not ANYONE ELSE'S.
So there...
-----Original Message-----
From: Cooper, Christopher [mailto:Christopher.Cooper (at) ed (dot) gov [email concealed]]
Sent: Tuesday, January 24, 2006 3:20 PM
To: frank_kenisky (at) psc.uscourts (dot) gov [email concealed]; incidents (at) securityfocus (dot) com [email concealed]
Subject: RE: Re: REVIEW: "Incident Response", Douglas Schweitzer
I can recommend two excellent books, which have recently come out:
Real Digital Forensics, Jones, Bejtlich and Rose
Forensic Discovery, Farmer and Venema
Both have excellent reviews written about them at Amazon. Good luck and
happy reading.
-----Original Message-----
From: frank_kenisky (at) psc.uscourts (dot) gov [email concealed]
[mailto:frank_kenisky (at) psc.uscourts (dot) gov [email concealed]]
Sent: Tuesday, January 24, 2006 10:35 AM
To: incidents (at) securityfocus (dot) com [email concealed]
Subject: Re: Re: REVIEW: "Incident Response", Douglas Schweitzer
Good question but too general for any type of specific response. What
exactly are you looking to examine? Router activity, servers,
workstation (probably considered by many to be one and the same) network,
disk, etc.
The first thing I would recommend to anyone considering what to do
/snip