

Windows Forensic Analysis DVD Toolkit (Learning Made Simple)



eBook Information




Windows Forensic Analysis DVD Toolkit (Learning Made Simple)
ISBN  159749156X
Release Date  12 July 2007
Category  Windows


The only book available on the market that addresses and discusses in-depth forensic analysis of Windows systems. Windows Forensic Analysis DVD Toolkit takes the reader to a whole new, undiscovered level of forensic analysis for Windows systems, providing unique information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. This book also brings this material to the doorstep of system administrators, who are often the front line troops when an incident occurs, but due to staffing and budgets do not have the necessary knowledge to effectively respond. The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else, as they were created by the author.

User review
Another Superb Book in Digital Forensics from Harlan Carvey
Harlan continues to give us a fascinating look "under the hood" from a forensics perspective, this time stepping away from Incident Response and into the operating system that must be examined. His work continues to be readable, detailed, and includes a DVD with extensive tools, many written by him. A jewel in my forensics library, again!

User review
Great Book
This book is well written and a great asset to anyone doing computer investigations and forensics.

User review
Just like the title says.
It's a must for starting forensic analysis, especially on live systems. Maybe you can find the same information unorganised in forums, but time is money so spend it wisely.

User review
Excellent Real World Forensic Reference


This Book is great for beginners in the field of Forensics or veteran Forensic specialists in the field. The Author gets right to the point, and gives many real world examples and scenarios that any forensic investigator would find themselves dealing with. The Chapters do a great job of referencing the available tools on the included DVD disc.

I can't wait for the Second Edition of this series to be released soon!

Paul Chavez


User review
An excellent book for the IR practitioner
I purchased this book a few days ago, and as soon as I read the first chapter, I realized that I needed to read the entire book as quickly as possible. This is a wonderful book, and parts of it truly invoked a state of "nerdvana" in me!

PRO's:

First, I will say that the information in this book is tightly packed. There is no unnecessary verbiage, and the writing is direct, to the point and understandable. There is a high ratio of technical content to noise, and this greatly contributed to my enjoyment of the book. Even in the technical areas that I was already familiar with, I found the summary of the information to be precise, accurate and helpful. I can see keeping the book around as a reference guide for years to come. The general structure of the book, for example the sections in grey boxes with the [!] annotation, works well, and the end-of-chapter summary and review (particularly the Q&A) are good.

There were several sections, ones that I was personally weak in to start with, that I found particularly helpful, such as the sections on analyzing packed or compressed executables and malware. I had just never gotten around to reading the whitepapers on these, and I'm glad I didn't as those chapters of the book summarized in a few pages what would have taken many more to pick up by reading other original sources. I personally thought that the chapter-to-chapter flow of the narrative was fine for anyone who does incident response on a regular basis.

Through the years, Harlan Carvey has developed and made available his tools in an open (perl) format with no need for compensation. The tools on the DVD alone are worth the money of the book, and are a great addition to any IR toolkit. The references to third party tools, many of which I hadn't heard of, were also particularly helpful.

CON's:

If you are not very technical, or not very familiar with the Windows operating system, you may be overwhelmed by the level of technical detail. If you are an experienced administrator, however, you should be able to adapt what you know about other operating systems (e.g. file structures, process execution, etc.) fairly easily. There were a few typographical errors in the book that didn't detract from its readability or technical accuracy.

All in all, an excellent book, and a must-have for ANY Windows incident responder.






