Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Computer forensics : computer crime scene investigation (Networking Series)
Vacca J., Charles River Media, Inc., Rockland, MA, 2005. 832 pp. Type: Book (9781584503897)
Date Reviewed: Dec 7 2005

Computer forensics is a domain of growing importance, similar to all security-related services, and the number of new books in this area is increasing rapidly.

This book starts off with a discussion of the reasons a company might need computer forensics and the details that are important when hiring outside services. Although the first chapter contains a lot of relevant information, there are some parts that reiterate common knowledge not specific to computer forensics. For example, page 14 describes differences between services available during normal business hours (9 a.m. to 5 p.m., Monday through Friday) and on the weekends. Some topics are discussed in more detail than necessary.

In Part 1, an overview of systems and forensic services is provided. The systems described are very different in nature and complexity (for example, storage area network security systems, identity theft, and homeland security systems). Part 2 addresses how to recover data, and how to seize and store evidence. Copying of digital evidence--a fundamental step in most forensic analyses--is explained. Part 3 focuses on forensic analysis. The usual steps are identifying data and subsequently reconstructing past events. Network forensics is explained in chapter 12. Part 4 covers the timely topic of information warfare. While this part is fun to read and provides readers with a lot of new insight, the author seems to drift away from the book’s main topic: computer forensics. Part 5 summarizes and concludes the book. The appendices provide additional information. The enclosed CD-ROM contains white papers and some tools by different vendors. Appendix G (“About the CD-ROM”), however, fails to list the tools or how to use them. This makes exploring the CD-ROM rather tedious.

The book is certainly worth reading. The language is entertaining, and nonexperts can learn a lot. The entire book is easy to read and understand, making it ideal for people who want to know more about computer forensics. To become an expert in computer forensics, however, I recommend reading the books by Casey [1] (my first choice) and Farmer and Venema [2] (my second choice).
Reviewer:  Edgar R. Weippl Review #: CR132133 (0610-1044)
1) Casey, E. Digital evidence and computer crime. Academic Press, Orlando, FL, 2004.
2) Farmer, D.; Venema, W. Forensic discovery. Addison Wesley, Boston, MA, 2005.
Bookmark and Share
  Reviewer Selected
Featured Reviewer 		 
 
Unauthorized Access (K.6.5 ... )
 
 
Invasive Software (K.6.5 ... )
 
 
Network Monitoring (C.2.3 ... )
 
 
Network Operations (C.2.3 )
 
Would you recommend this review?
yes
no
Other reviews under "Unauthorized Access": Date
Testing and evaluating computer intrusion detection systems
Durst R., Champion T., Witten B., Miller E., Spagnuolo L. Communications of the ACM 42(7): 53-61, 1999. Type: Article		 Aug 1 1999
Honeypots: tracking hackers
Spitzner L., Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2002. Type: Book (9780321108951)		 Jan 2 2003
Web hacking: attacks and defense
McClure S., Shah S., Shah S., Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2002.  492, Type: Book (9780201761764)		 Jul 25 2003
more...
E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use | Privacy Policy