"4. I am currently reading Computer Forensics: Incident Response Essentials by Warren Kruse and Jay Heiser, are there any other books and/or whitepapers that anyone can suggest?"

Warren is a good guy and his book is very good. Here is a reading list that has been going around (and added to):

Hardware Section

"Upgrading And Repairing PCs", by Scott Mueller, Que, ISBN: 0789725428
"Troubleshooting, Maintaining & Repairing PCs", by Stephen Bigelow, McGraw-Hill, ISBN: 0072132728
"PC Hardware in a Nutshell", by Robert Bruce Thompson, et al., O'Reilly & Associates, ISBN: 1565925998

Microsoft Windows Section

"Inside Microsoft Windows 2000, Third Edition" by Solomon and Russinovich, Microsoft Press, ISBN 0-7356-1021-5
"Inside the Windows 95 File System" by Stan Mitchell, O'Reilly and Associates, ISBN 1-56592-200-X
"Windows NT File System Internals: A Developers Guide" by Rajeev Nagar, O'Reilly and Associates, ISBN 1-56592-249-2
"Undocumented Windows NT" by Prasad Dabak, et al., M&T Books, ISBN 0-7645-4569-8
"Undocumented Windows 2000 Secrets: A Programmer's Cookbook", by Sven B. Schreiber, Addison-Wesley, ISBN 0-201-72187-2
"Windows 2000 Kernel Debugging" by Stephen McDowell, Prentice Hall, ISBN: 0130406376.
"Developing Windows NT Device Drivers: A Programmers Handbook" by Dekker and Newcomer, Addison-Wesley, ISBN: 0201695901.
"Windows Admin Scripting Little Black Book" by Jesse M. Torres, Coriolis Group, ISBN: 1576108813.
"Windows NT/2000 Network Security" by E. Eugene Schultz, New Riders, ISBN: 1578702534.
"Microsoft Windows NT Technical Support Training" by Microsoft Press, ISBN: 1572313730.

UNIX Section

"Essential System Administration" by Aeleen Frisch, O'Reilly & Associates, ISBN: 1565921275.
"UNIX System Administration Handbook, Third Edition" by Evi Nemeth, et al., Prentice Hall, ISBN: 0130206016.
"Unix Power Tools Second Edition", by Jerry Peek, et al., O'Reilly & Associates, ISBN: 1565922603.
"Using csh and tcsh", by Paul DuBois, O'Reilly & Associates, ISBN: 1565921321
A book on the Bourne shell (sh), the Korn shell (ksh), and the Bourne Again shell (bash).

Programming Languages Section

"The C Programming Language" by Kernighan and Ritchie, Prentice Hall, ISBN 0-13-110362-8
"Programming Perl, Second Edition" by Larry Wall, et al., O'Reilly and Associates, ISBN 1-56592-149-6
"Perl Cookbook" by Christiansen and Torkington, O'Reilly and Associates, ISBN 1-56592-243-3
"Mastering Regular Expressions" by Jeffrey Friedl, O'Reilly and Associates, ISBN 1-56592-257-3
A C++ book
A Visual Basic book

Networking Section

"TCP/IP Illustrated, Volume 1: The Protocols" by W. Richard Stevens, Addison-Wesley, ISBN 0-201-63346-9
"Steal This Computer Book" by Wallace Wang, No Starch Press, ISBN: 1886411425.
"Network Intrusion Detection: An Analyst's Handbook, Second Edition" by Stephen Northcutt, et al., New Riders, ISBN 0735710082.
"Sendmail, Second Edition", by Bryan Costales, O'Reilly and Associates, ISBN 1-56592-222-0
"DNS and BIND, Fourth Edition", by Albitz and Liu, O'Reilly and Associates, ISBN 0596001584.
"The Whole Internet: The Next Generation", by Conner-Sax and Krol, O'Reilly and Associates, ISBN 1-56592-428-2
"Practical UNIX & Internet Security", by Garfinkel and Spafford, O'Reilly and Associates, ISBN 1-56592-148-8
A NetBIOS book

Computer Forensics Section

"Computer Forensics: Incident Response Essentials" by Kruse and Heiser, Addison-Wesley ISBN: 0201707195
"Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community" edited by Lance Spitzner, Addison-Wesley ISBN: 0201746131.
"Handbook of Computer Crime Investigation: Forensic Tools & Technology" by Eoghan Casey, Academic Press ISBN: 0121631036.
"Digital Evidence and Computer Crime" by Eoghan Casey, Academic Press, ISBN: 012162885X.
"Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes" by Marcella and Greenfield, Auerbach Publications, ISBN: 0849309557.
"Computer Forensics: Computer Crime Scene Investigation" by John R. Vacca, Charles River Media, ISBN: 1584500182.
"Computer Forensics and Privacy" by Michael Caloyannides, Artech House, ISBN: 1580532837.
"Incident Response: Investigating Computer Crime" by Chris Prosise, Kevin Mandia, McGraw-Hill, ISBN: 0072131829.
"Forensic Computing: A Practitioner's Guide" by Tony Sammes, et al., Springer Verlag, ISBN: 1852332999.
"Information Assurance: Surviving the Information Environment" by Blyth and Kovacich, Springer Verlag, ISBN: 185233326X.

Forensics Section

"Criminalistics: An Introduction to Forensic Science" by Richard Saferstein, Prentice Hall, ISBN: 0130138274.
"Techniques of Crime Scene Investigation" by Barry Fisher, CRC Press; ISBN: 0849381193.
"Criminal Investigation" by Charles Swanson, et al., McGraw-Hill Higher Education; ISBN: 007228594X.

-----Original Message-----
From: Joe Lindsay [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 24, 2003 7:39 PM
To: [EMAIL PROTECTED]
Subject: Questions concerning computer forensics

I am currently a senior in college and I am looking to go into computer forensics. Right now I am currently teaching myself some of the techniques used in doing Win2k and some *nix investigation. I am a computer science and information systems major. I just have some questions about computer forensics in general.

1. How closely related are computer forensics and security?
2. I have done palm programming, and I read an article about palms being used to prosecute. Is there a growing need for palm forensics?
3. I have some tools, but they are from sourceforge. Are there any freeware or trialware available for Win2k machine (sadly been unable to get linux installed, tried many different distros :-<)?
5. Is there a growing need for computer forensics in the work place?
Does the security analyst or consultant double up as computer forensic analyst or security investigator?

Thank you for your time,
Joe Lindsay