h1

Windows Forensic and Incident Recovery – By Harlan Carvey..

October 16, 2010

This book is recommended for those who in the computer forensic. It discusses the method and techniques on how to do forensic on windows based operating systems , using the latest tools and some perl script scripting , written by the author. Harlan Carvey is popular among the computer security community , had been spoken as a speaker in Defcon , Black Hat and many other computer talks. His techniques and methods had been showed in Hak5 podcasting program , dedicated for hacking. For your guys info , there is only one book is available in Perpustakaan Negara Malaysia (PNM) . I just discovered the book yesterday , had a preview the content of the book , and it’s really a great book for those who consider computer forensic as their proffesion.

Drawing on his widely acclaimed course, Carvey uses real-world examples to cover every significant incident response, recovery, and forensics technique. He delivers a complete incident response toolset that combines today’s best open source and freeware tools, his own exclusive software and scripts, and step-by-step instructions for using them. This book’s tools and techniques apply to every current and professional version of Windows: NT, 2000, XP, and Windows Server 2003. Coverage includes:

  • Developing a practical methodology for responding to potential attacks
  • Preparing your systems to prevent and detect incidents
  • Recognizing the signatures of an attack—in time to act
  • Uncovering attacks that evade detection by Event Viewer, Task Manager, and other Windows GUI tools
  • Using the Forensic Server Project to automate data collection during live investigations
  • Analyzing live forensics data in order to determine what occurred

Until then  guys , see you all next week for more great stuff…!

p/s: Here is a link for a talk about Windows Local Kernel Exploitation , written by SK Choong , a security consultant of SCAN Associate Sdn Bhd . in HITB SecConf 2004. It’s Cool…check it out!

http://packetstormsecurity.org/hitb04/hitb04-sk-chong.pdf

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: