Incident Response & Computer Forensics, 2nd Ed.

Incident Response & Computer Forensics, 2nd Ed.

List Price

Web Price

  • New
  • Mint Condition
  • Dispatch same day for order received before 12 noon
  • Guaranteed packaging
  • No quibbles returns

Written by FBI insiders, this updated best-seller offers a look at the legal, procedural, and technical steps of incident response and computer forensics.Incident Response aims to teach you how to determine when an attack has occurred or is underway–they’re often hard to spot–and show you what to do about it. A strong system of defences will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Authors Kevin Mandia and Chris Prosise favour a tools–and procedures-centric approach to the subject, thereby distinguishing this book from others that catalogue attacks and methods for dealing with each. The approach is more generic and therefore better suited to dealing with newly emerging attack techniques.

Anti-attack procedures are presented with the goal of identifying, apprehending and successfully prosecuting attackers. The advice on carefully preserving volatile information, such as the list of processes active at the time of an attack, is easy to follow. The book is quick to endorse tools, the functionalities of which are described so as to inspire creative applications. Information on bad-guy behaviour is top-quality as well, giving readers knowledge of how to interpret logs and other observed phenomena. Mandia and Prosise don’t–and can’t–offer a foolproof guide to catching crackers in the act, but they do offer a great “best practices” guide to active surveillance. –David Wall

Topics covered: Monitoring computer systems for evidence of malicious activity and reacting to such activity when it’s detected. With coverage of Windows and Unix systems as well as non-platform-specific resources like Web services and routers, the book covers the fundamentals of incident response, processes for gathering evidence of an attack and tools for making forensic work easier.

Find More Computer Security Products

You may also like...

2 Responses

  1. [email protected] says:
    10 of 10 people found the following review helpful
    5.0 out of 5 stars
    Excellent book covering all aspects of computer forensics, 16 July 2001
    By A Customer

    Written by two of Foundstone’s specialists in the area of Computer Forensics, this book covers many aspects of discovering who has attempted to attack your computer systems and what to do with this information. It describes what to look for, where to look, and how exploits are exploited. Covering NT, Unix, and routers, it takes you through step-by-step monitoring for attacks, intrusion detection, and what to do with this data when you have collated it.

    This is the first book that has covered this subject, hopefully there will be a lot more to follow.

    An excellent book, well worth a read.

    Help other customers find the most helpful reviews 

    Was this review helpful to you? Yes

  2. Anonymous says:
    5.0 out of 5 stars
    Security book which should be in your Collection, 26 May 2006

    Amazon Verified Purchase(What is this?)
    This review is from: Incident Response & Computer Forensics, 2nd Ed. (Paperback)

    I bought this purely on the reviews that were written on Amazon and I must say that this is one the great books. It is well written in plain english, has loads of examples and clearly explains the steps needed to become a good security analyst.

    Would thoroughly recommend to anyone aspiring to become a security analyst or who simply needs that bit of extra help or assistance.

    Help other customers find the most helpful reviews 

    Was this review helpful to you? Yes

Leave a Reply

Your email address will not be published. Required fields are marked *