Incident Response and Computer Forensics, Second Edition

最新推荐文章于 2024-07-24 16:40:15 发布
最新推荐文章于 2024-07-24 16:40:15 发布
阅读量779 收藏
点赞数
分类专栏: Crack Tutorials 文章标签: resources tools system behavior methods windows
 Amazon.com A strong system of defenses will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Incident Response aims to teach you how to determine when an attack has occurred or is underway--they're often hard to spot--and show you what to do about it. Authors Kevin Mandia and Chris Prosise favor a tools- and procedures-centric approach to the subject, thereby distinguishing this book from others that catalog particular attacks and methods for dealing with each one. The approach is more generic, and therefore better suited to dealing with newly emerging attack techniques. Anti-attack procedures are presented with the goal of identifying, apprehending, and successfully prosecuting attackers. The advice on carefully preserving volatile information, such as the list of processes active at the time of an attack, is easy to follow. The book is quick to endorse tools, the functionalities of which are described so as to inspire creative applications. Information on bad-guy behavior is top quality as well, giving readers knowledge of how to interpret logs and other observed phenomena. Mandia and Prosise don't--and can't--offer a foolproof guide to catching crackers in the act, but they do offer a great "best practices" guide to active surveillance. --David Wall Topics covered: Monitoring computer systems for evidence of malicious activity, and reacting to such activity when it's detected. With coverage of Windows and Unix systems as well as non-platform-specific resources like Web services and routers, the book covers the fundamentals of incident response, processes for gathering evidence of an attack, and tools for making forensic work easier. --This text refers to an out of print or unavailable edition of this title. Book Description Written by FBI insiders, this updated best-seller offers a look at the legal, procedural, and technical steps of incident response and computer forensics. Including new chapters on forensic analysis and remediation, and real-world case studies, this revealing book shows how to counteract and conquer today’s hack attacks. # 507 pages # Publisher: McGraw-Hill/Osborne; 2 edition (July 17, 2003) # Language: English # ISBN-10: 007222696X # ISBN-13: 978-0072226966 http://rapidshare.com/files/88230990/Incisics_2nd_ed._W.pdf
linhanshi
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Incident Response and Computer Forensics 2nd ed.7z
08-21
INTRODUCTION A ccording to the Internet research firm comScore, goods and services worthmorethan$17billionweresoldviatheInternetinthefirstquar- ter of 2002. It has been our experience that wherever money goes, crime follows. We have spent the last few years responding to incidents where the number one goal of a computer crime was money. Nearly every computer intrusion we have responded to was followed by credit card fraud, extortion, or fraudulent purchases of merchandise by thieves who had obtained valid customer credentials on e-commerce sites. It is highly probable that these intrusions also led to identity theft. With enough infor- mation about an individual, evildoers can manufacture false credentials andattempttowithdrawmoneyfromanunwittingperson’sbankaccounts. Today’s attackers are much more efficient and aggressive at seeking eco- nomic gain than they have been in the past. New regulations and standards are indirectly and directly influencing an organization’s capability to respond to computer security incidents. Therefore, we wrote this book to illustrate a professional approach to inves- tigating computer security incidents in an effort to help organizations com- ply with the new standards and regulatory requirements, as well as to minimize losses. xxv Copyright 2003 by The McGraw-Hill Companies, Inc. Click Here for Terms of Use. Duringaninvestigationofacomputersecurityincident,theuntrainedsystemadmin- istrator, law enforcement officer, or computer security expert may accidentally destroy valuable evidence or fail to discover critical clues of unlawful or unauthorized activity. We have witnessed lack of education curtail too many efforts to apprehend external and internal attackers. We have also witnessed computer forensics evolve from an esoteric skill to a propri- etary esoteric skill, with nearly every company that performs forensic analysis develop- ing many of its own tools and not sharing them. Also, much of the forensic training is availabletolawenf
Computer Forensics and Cyber Crime An Introduction(3rd) 无水印原版pdf
12-29
Computer Forensics and Cyber Crime An Introduction(3rd) 英文无水印原版pdf 第3版 pdf所有页面使用FoxitReader、PDF-XChangeViewer、SumatraPDF和Firefox测试都可以打开 本资源转载自网络,如有侵权,请联系上传者或csdn删除 查看此书详细信息请在美国亚马逊官网搜索此书
信息安全行业里面一些很不错的书
weixin_34288121的博客
07-02 203
http://bbs.byr.cn/#!article/Focus/45726 发信人: RSA (RSA), 信区: Security  标  题: 信息安全行业里面一些很不错的书 发信站: 北邮人论坛 (Thu Mar  1 12:25:17 2012), 站内   A Practical Guide to Federal Enterprise Architecture.pdf FEA架构...
信息安全推荐书籍
happy井二胖
10-30 1423
转自:http://dfir.org/?q=node/8/ Recommended Reading This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital
reference
longcanada的专栏
02-21 7280
A New Procedure to Help System/Network Administrators Identify Multiple Rootkit Infections desmondlobo@students.ballarat.edu.au, {p.watters, x.wu}@ballarat.edu.au [1] L. Wang and P.
stanford 课程表
qq_27151549的博客
11-22 4693
https://exploredegrees.stanford.edu/coursedescriptions/cs/ CS 101. Introduction to Computing Principles. 3-5 Units. Introduces the essential ideas of computing: data representation, algorithms, prog...
2015年关注的技术书籍
weixin_34399060的博客
02-16 71
http://www.springer.com/computer/security+and+cryptology?SGWID=8-40160-66-653429-0&sba=INCLUDE&originalID=109089&amp...
洞悉netfilter_洞悉网络数据包捕获
weixin_26735445的博客
08-20 838
洞悉netfilterThis article is aimed at those wanting to learn how to leverage network traffic capture and analysis tools as part of the digital forensics and incident response (DF/IR) processes. These di...
Reverse-Engineering Malware
01-25 9693
 This paper discusses tools and techniques useful for understanding inner workings of malware such as viruses, worms, and trojans. We describe an approach to setting up inexpensive and flexible labo
Oracle Incident Response and Forensics Preparing for and Responding to Data epub
12-16
Oracle Incident Response and Forensics Preparing for and Responding to Data Breaches 英文epub 本资源转载自网络,如有侵权,请联系上传者或csdn删除 查看此书详细信息请在美国亚马逊官网搜索此书
Oracle Incident Response and Forensics Preparing for and Responding to 无水印原版pdf
12-17
Oracle Incident Response and Forensics Preparing for and Responding to Data Breaches 英文无水印原版pdf pdf所有页面使用FoxitReader、PDF-XChangeViewer、SumatraPDF和Firefox测试都可以打开 本资源转载自...
Hacking Exposed Computer Forensics_ Computer Forensics Secrets & Solution
08-16
“This is not an incident response handbook.” This was the first line of the introduction for the first edition. Little did we know at the time how much computer forensics would change since the ...
Computer And Intrusion Forensics.7z
08-21
2.5 Computer crime legislation and computer forensics . . . . . . . . 90 2.5.1 Council of Europe convention on cybercrime and other international activities . . . . . . . . . . . . . . . . . . . . . ....
[转载]安全职业生涯进阶:92 个简单步骤 "破解" 安全行业
zhengxm的专栏
10-06 499
作者:Karl Levinson,CISSP,Looking Glass Systems请参阅其他每月安全 MVP 文章专栏。这么说您想要获得一份信息安全工作?或者您已经在从事信息安全工作 (infosec),但想要进一步提高或转到其他信息安全领域?下面是我所知道的有关在信息安全方面自我提高的常见问题的答案。我在自己的职业生涯的各个阶段运用这些信息成功地实现了学习和提高。我唯一的遗憾是
安全职业生涯进阶:92 个简单步骤 "破解" 安全行业
yjyj001的专栏
01-08 134
文章出处 http://www.microsoft.com/china/technet/community/columns/secmvp/sv0706.mspx   每月安全 MVP 文章 - 2006 年 7 月 安全职业生涯进阶:92 个简单步骤 "破解" 安全行业 发布日期: 2006年07月12日   作者:Karl Levinson,CISSP,Looking Glass Sys...
数据结构——双向链表及其总结
2406_83392683的博客
07-23 413
1.概述链表根据是否带头、是否双向、是否循环可以分为八种,双向链表是典型的带头双向循环链表。2.双向链表的实现过程及其解析双向链表的实现依旧包含List.h,List.c,test.c2.1 链表初始化双向链表为空的情况:只有一个哨兵位。2.2插入数据。
2024.7.19 作业
qq_64434282的博客
07-19 2696
【代码】2024.7.19 作业。
【数据结构】单链表&带头双向循环链表的实现
最新发布
t5y22的博客
07-24 443
链表
intelligence-driven incident response
09-21
智能驱动的事件响应(intelligence-driven incident response)是指在网络安全领域采用智能化的方法和技术来应对和处理安全事件。智能驱动的事件响应依靠全面、即时的情报信息和智能分析,以迅速、有效地检测、分析...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值