Cyber Crime Investigator's Field Guide

2nd Edition

By Bruce Middleton

Auerbach Publications

296 pages | 66 B/W Illus.

Paperback: 9780849327681
pub: 2005-01-25
Hardback: 9781138415447
pub: 2017-07-27
eBook (VitalSource) : 9780429074813
pub: 2005-01-25

Description

Many excellent hardware and software products exist to protect our data communications systems, but security threats dictate that they must be further enhanced. Many laws implemented during the past 15 years have provided law enforcement with more teeth to take a bite out of cyber crime, but there is still a need for individuals who know how to investigate computer network security incidents. Organizations demand experts with both investigative talents and a technical knowledge of how cyberspace really works. Cyber Crime Investigator's Field Guide, Second Edition provides the investigative framework that needs to be followed, along with information about how cyberspace works and the tools that reveal the who, what, when, where, why, and how in the investigation of cyber crime.

This volume offers a valuable Q&A by subject area, an extensive overview of recommended reference materials, and a detailed case study. Appendices highlight attack signatures, UNIX/Linux commands, Cisco PIX commands, port numbers targeted by trojan horses, and more.

Table of Contents

THE INITIAL CONTACT

Chapter Questions

CLIENT SITE ARRIVAL

Chapter Questions

EVIDENCE COLLECTION PROCEDURES

Detailed Procedures for Obtaining a Bitstream Backup of a Hard Drive

Chapter Questions

EVIDENCE COLLECTION AND ANALYSIS TOOLS

SafeBack

GetTime

FileList, FileCnvt, and Excel©

GetFree

Swap Files and GetSwap

GetSlack

Temporary Files

TextSearch Plus

CRCMD5

DiskSig

Chapter Questions

ACCESSDATA'S FORENSIC TOOL KIT

Creating a Case

Working on an Existing Case

Chapter Questions

GUIDANCE SOFTWARE'S ENCASE

Chapter Questions

ILOOK INVESTIGATOR

Chapter Questions

PASSWORD RECOVERY

Chapter Questions

QUESTIONS AND ANSWERS BY SUBJECT AREA

Evidence Collection

Legal

Evidence Analysis

UNIX

Military

Hackers

BackTracing (TraceBack)

Logs

Encryption

Government

Networking

E-Mail

RECOMMENDED REFERENCE MATERIALS

PERL and C Scripts

UNIX, Windows, NetWare, and Macintosh

Computer Internals

Computer Networking

Web Sites of Interest

CASE STUDY

Recommendations

APPENDIX A: GLOSSARY

APPENDIX B: PORT NUMBERS USED BY MALICIOUS TROJAN HORSE PROGRAMS

APPENDIX C: ATTACK SIGNATURES

APPENDIX D: UNIX/LINUX COMMANDS

APPENDIX E: CISCO PIX FIREWALL COMMANDS

PIX Command Reference

APPENDIX F: DISCOVERING UNAUTHORIZED ACCESS TO YOUR COMPUTER

APPENDIX G: ELECTROMAGNETIC FIELD ANALYSIS (EFA) "TICKLER"

APPENDIX H: THE INTELLIGENCE COMMUNITY SINCE 9/11

APPENDIX I: ANSWERS TO CHAPTER QUESTIONS

About the Originator

Subject Categories

BISAC Subject Codes/Headings:
COM032000
COMPUTERS / Information Technology
COM053000
COMPUTERS / Security / General