Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 366 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
366
Dung lượng
4,03 MB
Nội dung
[...]... related computer- like electronics), as distinct from network forensics, which in this context is snooping into users’ online activities Computerforensics deals with anything and everything that can be found on one’s computer Network forensics, on the other hand, pertains to evidence like logs kept by Internet service providers (ISPs) and other remotely located networked computers Network forensics. .. investigation is being done 1.4.3 Forensics is deceptively simple but requires vast expertise Contrary to popular belief, there is no mystery to computerforensics This is why a huge cottage industry of self-appointed computerforensics “experts” has come into existence during the last few years Sadly, while there are 10 ComputerForensics numerous experienced and competent computerforensics experts, it is... attacks, and the like Even so, because most computers today are connected to the Internet at one time or another, this book also covers those aspects of network forensics that affect anyone connecting to the Internet All trademarks are hereby acknowledged as the property of their respective owners CHAPTER 1 ComputerForensics Contents 1.1 What is computer forensics? 1.2 Why is computer forensics. .. to you? 1.3 If you have done nothing illegal, you have nothing to fear: not true anywhere! 1.4 Computerforensics 1.1 What is computer forensics? Rather than getting embroiled in definitions and semantics, let’s say that computerforensics is the collection of techniques and tools used to find evidence on a computer that can be used to its user’s disadvantage If the evidence is obtained by, or on behalf... or biological agents, computerforensics and computer counterforensics can be used for both legal and illegal purposes This book emphatically does not condone the illegal use of any of the techniques it presents Inevitably, some readers will ask whether law enforcers shouldn’t have the right to monitor Internet usage and even individuals’ computers in order to identify a crime and collect evidence to... practices in computer forensics; this is not yet one more Indeed, given how needlessly unintuitive some of the most popular software suites for computerforensics are, the aspiring computer forensic investigator would do better to attend the pricey training classes offered by such software suites’ vendors Computerforensics is quite powerful against all but the most technically savvy computer users... who never connect their computer online to anything are not immune from hostile computerforensics either 1.2.5 As a lawyer for the defense Given that a rapidly increasing percentage of all legal cases (both criminal and civil) involve computer- based evidence, the legal training of yesteryear is not enough A lawyer must be extremely well versed in the ins and outs of computerforensics in order to defend... E-mail forensicsand traces: the anonymity that isn’t 149 8.5.1 152 8.5.2 Sending anonymous e-mail: anonymous remailers 154 8.5.3 9 Tracking suspect e-mail General network tracing tools 158 Advanced Protection from Computer Data Theft Online 159 9.1 Virus/Trojan/worm protection 159 9.2 Protection from keyloggers 160 9.2.1 9.3 Protection from keystroke-capturing software 160 9.2.2 Protection. .. though the basics of computerforensics are very easy, computerforensics requires experience and competence The reason for this apparent contradiction is that whereas anybody can use a forensic software package to browse through a target disk, experience and competence are required to determine the following: 1 What to look for: Computer forensic software merely opens the door and does not point the... was on), all connections to the computer, and the insides of the cabinet Because the process of booting the Windows-based computer will most likely write onto any connected hard disk, the investigator must never boot that computer Instead, all magnetic media (hard disks, floppy disks, superfloppies, Zip and Jaz disks, and so forth) must be disconnected from the computer and copied individually onto the . actions and through their children’s children.
.
Contents
Introduction xv
1 Computer Forensics 1
1.1 What is computer forensics? 1
1.2 Why is computer forensics. related to
computer security, feel free to contact either the Commissioning Editor or the Series Editor
at Artech House.
Privacy Protection and
Computer Forensics
Second