Internet Forensics: Using Digital Evidence to Solve Computer Crime

Sale!

Original price was: 3.995,00 EGP.Current price is: 970,00 EGP.

Publisher ‏ : ‎ O’Reilly Media; 1st edition (November 15, 2005)
Language ‏ : ‎ English
Paperback ‏ : ‎ 238 pages
ISBN-10 ‏ : ‎ 059610006X
ISBN-13 ‏ : ‎ 978-0596100063
Item Weight ‏ : ‎ 13.8 ounces
Dimensions ‏ : ‎ 7 x 0.49 x 9.19 inches

Description

Price: $39.95 - $9.70
(as of Aug 30,2024 11:49:47 UTC – Details)




Publisher ‏ : ‎ O’Reilly Media; 1st edition (November 15, 2005)
Language ‏ : ‎ English
Paperback ‏ : ‎ 238 pages
ISBN-10 ‏ : ‎ 059610006X
ISBN-13 ‏ : ‎ 978-0596100063
Item Weight ‏ : ‎ 13.8 ounces
Dimensions ‏ : ‎ 7 x 0.49 x 9.19 inches

This Post Has 8 Comments

  1. I used to do this for a living!
    I read Mr. Jones’s book with great interest. I started in the IT field working as an Internet Abuse Investigator for UUnet. I thought “I’ll probably not learn anything new…” Boy I was wrong. The book was filled with helpful hints as well as ready to use Perl code. I’d highly recommend this book to anyone interested in tracking scammers down.

  2. A great intro
    I disagree with the opinion that only people who know nothing about security would get anything out of this book. I am network infrastructure engineer for routers and switches, have past experience with Microsoft OS’s, and have a security+ certification. I am NOT a security expert or computer forensics specialist but I have some security knowledge and I really enjoyed this book.You won’t become a security expert reading this book but It’s an interesting and educational read for someone with some technical background who would like a surface level introductory. For me, this was a pleasure/entertainment read and I wasn’t looking to use it as the basis for a career as a security expert.I do like that the author provides real examples that you can try out yourself to explore further.

  3. Knowledgeable, Useful and very Well-Written.
    A few things out of date but otherwise extremely well written, informative and covers security issues which are now even more important than when the book was written. Great introductory work for CS, IT folks and power users. Access to Linux would be helpful while reading it but not really necessary.

  4. Internet Forensics
    Lots of nice to know info here. Recommended for the techie. Study carefully to get the most out of this book.

  5. Incomplete, cursory, and unfocused
    O’Reilly has had a hard time with their computer security lineup since they started expanding it a few years ago. While they have tried to focus on tight subjects with short volumes (this book at about 220 pages is no exception), these books often wind up being cursory treatments of the subjects, and in some cases downright wrong.Sadly, Internet Forensics is not an exception to this rule. While I like this book more than some of the other recent O’Reilly security books, that isn’t saying much. We’ve come to expect clear, authoritative books or inspired tricks and tips type martial from O’Reilly’s authors, and instead we’re given unfocused, incomplete pages.To be fair, the topic of Internet Forensics is broad, not very well focused, and no one has written a good book on the subject. It’s coming into the foreground, especially in this past year, as threat analysis has become popular. This is a new, wide open field, covering a broad range of malware, spam, phishing, and malicious website analysis coupled to tracking the origin and leading to takedown of the materials. However, this book doesn’t really do a good job of much of that. And, at the end of 2006, some of the material feels positively quaint (even though it came out in late 2005). Although the author has defined his target audience in the introduction (infosec professionals, and software developers and IT operations people), I don’t think they’re well served with this offering.Chapter 1, an introduction to the book, is short and scattershot. Nothing promised in the preface is really delivered (no overview of spam, phishing, or other threats). Instead, it’s just some writing with little focus. This tone carries throughout the book. Chapter 2 covers the basics of IP addressing (what the heck?! if you don’t assume your readership knows this, they’re in the wrong place), and then talks about DNS lookups with dig and whois. The people reading this should know how to use these tools already, where are the suggested requirements for the reader? Sadly, no tips on disambiguating whois results (p 22) are given, not an unexpected finding in this book. And we start with the inefficient Perl scripts, too. All in all, we’re not off to a good start.Chapter 3 covers email, and sadly we waste time on the basics of email headers, and then go into making very good use of them. The coverage here is inconsistent and again, unfocused. By the time you finish chapter three with “is it really spam?”, you’re left wondering what the heck the author wanted you to learn. Chapter 4 is slightly better, focusing on on URL obfuscation. Sadly, none of the techniques given really hold up all that well any more. Again, we start with some basics and try and get somewhere, but along the way we’re distracted and we’ve never really gotten a good sense of what’s the objective.Chapter 5 on websites tries to cover some ground, but again, it’s too unfocused. We talk about mirroring a site (why “wget -r” isn’t listed, which is a common way of getting a malicious phishing site or directory, I don’t know) and we even talk about SQL injection, but I don’t know what the author is really after. It feels like random observations thrown in with no overall goals. Chapter 6 talks about web servers, and we talk about headers and redirection, and then delve into Netcraft stats (why?) and honestly I’m not clear what was useful here. This felt more like introductory material than anything useful. If the readers are infosec professionals, they should know what a web server header looks like and how to properly fingerprint the server.Chapter 7 is the complement to that, and talks about your browser. Again, some useful info, but it’s incomplete. No real discussions about why you want to alter things other than some basic concepts. Chapter 8 talks about file contents, and there’s some interesting basics on examining Word docs (track changes, strings, etc) but aside from some basics, there’s not much great there. Sadly, no discussions on how to un-redact a PDF are given, just that it’s been a problem.Chapter 9, which is a nice departure from solid technical materials, comes up short. It’s incomplete and disappointing. Chapter 10 talks about pattern detection and signature creation, but again, this could have been beefier.Chapter 11, “case studies”, is OK, but some better treatment to tie the lessons learned (or hopefully imparted) would have been nice. Finally, Chapter 12, “taking action”, isn’t very useful. No real great info or insight is here, and if you think that you’ll be calling police departments about every phishing site, you’re in for a sad wake up call — there’s just no way you can do that. One of the comments made in this chapter, specifically wanting to see a community response, tells me that the author (Jones) isn’t well connected to the community that actually does track and respond to these threats.Internet Forensics is a poor attempt at this broad subject. While I appreciate the scope of what the author is trying to do, the execution is weak and suffers from a lack of focus or discipline. A book twice this size covering a fraction of the material, well executed, would have been a better offering. If you feel you must get this book, make sure you get it at a steep discount.

  6. Reading audience not well defined
    Normally, I place little weight on the lowest and highest reviews for a book. In this case, I discarded the review “Far, far below O’Reilly’s standards, February 7, 2006.”However, after reading the book, I realized that this was the most accurate review. Is the book for Administrators or for home users? For UNIX or Windows users? The author would have you believe that it offers something for all. I disagree.Ultimately, it is so superficial and spread out that it is of little use to anyone. Why the author throws in a simple intro to IP Addresses and then seems to take up paragraph after paragraph on parameter options for Unix-based commands is beyond me.This book reads like bad spam – enticing the using with yet another title with catch words that are trendier than “free Vigra” – Internet + Forensics – both a limp approach to the quest for more money – yours and mine.Fight back – Don’t waste your money on this book.Also notice that the author tries to gain our alliance and sympathies with his similar plight of spam email. If the guy truly is a security “expert” he should be spam-free. Free advice: Try a spam blocker, an email referral service, or just good system administration.

  7. brilliant for a student studying computer forensics. would recommend for other students studying this degree. Lots of good information on internet forensics

Leave a Reply

Your email address will not be published. Required fields are marked *