|Wydawnictwo||Addison Wesley Publishing Company|
|Forma publikacji||książka w miękkiej oprawie|
|Poziom zaawansowania||Dla profesjonalistów, specjalistów i badaczy naukowych|
|Kategorie||Przewodniki komputerowe i serwisy online, Prywatność i ochrona danych, Computer fraud & hacking, Data encryption, Bezpieczeństwo sieci|
"Don't look now, but your fingerprints are all over the cover of this book. Simply picking it up off the shelf to read the cover has left a trail of evidence that you were here.
"If you think book covers are bad, computers are worse. Every time you use a computer, you leave elephant-sized tracks all over it. As Dan and Wietse show, even people trying to be sneaky leave evidence all over, sometimes in surprising places.
"This book is about computer archeology. It's about finding out what might have been based on what is left behind. So pick up a tool and dig in. There's plenty to learn from these masters of computer security."
--Gary McGraw, Ph.D., CTO, Cigital, coauthor of Exploiting Software and Building Secure Software
"A wonderful book. Beyond its obvious uses, it also teaches a great deal about operating system internals."
--Steve Bellovin, coauthor of Firewalls and Internet Security, Second Edition, and Columbia University professor
"A must-have reference book for anyone doing computer forensics. Dan and Wietse have done an excellent job of taking the guesswork out of a difficult topic."
--Brad Powell, chief security architect, Sun Microsystems, Inc.
"Farmer and Venema provide the essential guide to 'fossil' data. Not only do they clearly describe what you can find during a forensic investigation, they also provide research found nowhere else about how long data remains on disk and in memory. If you ever expect to look at an exploited system, I highly recommend reading this book."
--Rik Farrow, Consultant, author of Internet Security for Home and Office
"Farmer and Venema do for digital archaeology what Indiana Jones did for historical archaeology. Forensic Discovery unearths hidden treasures in enlightening and entertaining ways, showing how a time-centric approach to computer forensics reveals even the cleverest intruder."
--Richard Bejtlich, technical director, ManTech CFIA, and author of The Tao of Network Security Monitoring
"Farmer and Venema are 'hackers' of the old school: They delight in understanding computers at every level and finding new ways to apply existing information and tools to the solution of complex problems."
About the Authors.
I. BASIC CONCEPTS.
1. The Spirit of Forensic Discovery.
Unusual Activity Stands Out.
The Order of Volatility (OOV).
Layers and Illusions.
The Trustworthiness of Information.
The Fossilization of Deleted Information.
Archaeology vs. Geology.
2. Time Machines.
The First Signs of Trouble.
What's Up, MAC? An Introduction to MACtimes.
Limitations of MACtimes.
Argus: Shedding Additional Light on the Situation.
Panning for Gold: Looking for Time in Unusual Places.
DNS and Time.
Journaling File Systems and MACtimes.
The Foibles of Time.
II. EXPLORING SYSTEM ABSTRACTIONS.
3. File System Basics.
An Alphabet Soup of File Systems.
UNIX File Organization.
UNIX File Names.
UNIX File Types.
A First Look Under the Hood: File System Internals.
UNIX File System Layout.
I've Got You Under My Skin: Delving into the File System.
The Twilight Zone, or Dangers Below the File System Interface.
4. File System