

Windows Forensics and Incident Recovery
Harlan Carvey
Addison-Wesley, Paperback, Bk&CD edition, Published July 2004, 460 pages, ISBN 0321200985
List Price: $59.99
Our Price: $37.50
You Save: $22.49 (37% Off)


Availability: Out-Of-Stock


The first book completely devoted to this important part of security in a Windows environment.
  • A one-stop shop for Microsoft Windows sys admins to find technical security information.
  • The CD-ROM contains unique tools the author has written (code, network packet captures, and the results of a capture using the tools) and research methodologies that the reader can implement immediately.
  • Provides strong examples and case studies to enhance understanding.

As long as networks of Microsoft Windows systems are managed, administered, and used by people, security incidents will occur. Windows systems are highly pervasive throughout the entire computing infrastructure, from home and school systems to high-end e-commerce sites. In contrast to this pervasiveness, information regarding conducting effective incident response and forensic audit activities on Windows systems is limited. While there are many security books available, none focus specifically on Windows security. There are also resources available online, but they are scattered and often too general. This book is a compilation of all the information currently available on this subject. It is for anyone who manages or administers Windows systems (including home users) and needs to know how to react when they suspect that an incident has occurred. It guides the reader through the information, tools, and techniques that are required to conduct incident response or live forensic audit activities. By providing the necessary background for understanding how incidents occur and how data can be hidden on compromised systems, it gives the reader a better understanding of the "whys" and "hows" of incident response and forensic audit activities. It is important to note that regulatory issues are also pushing organizations toward better security and incident preparedness policies.

Table of Contents

Preface.

1. Introduction.

2. How Incidents Occur.

3. Data Hiding.

4. Incident Preparation.

5. Incident Response Tools.

6. Developing a Methodology.

7. Knowing What To Look For.

8. Using the Forensic Server Project.

9. Scanners and Sniffers.

A: Installing Perl on Windows.

B: Web Sites.

C: Answers to Chapter 9 Questions.

About the Author

Harlan Carvey's interest in computer and information security began while he was an officer in the U.S. military, during which time he earned his master's degree in Electrical Engineering. After leaving military service, he began working in the field of commercial and government information security consulting, performing vulnerability assessments and penetration tests. While employed at one company, he was the sole developer of a program for collecting security-specific information (i.e., Registry entries, file information, configuration settings, etc.) from Windows NT systems during vulnerability assessments. Harlan has also done considerable work in the area of incident response and forensics, performing internal and external investigations. He has also written a number of proof-of-concept tools for educating users in such topics as Windows null sessions, file signature analysis, and the retrieval of metadata from a variety of files. Harlan has presented at Usenix, DefCon9, Black Hat, and GMU2003 on various topics specific to issues on Windows platforms, such as data hiding. He has had articles published in the Information Security Bulletin and on the SecurityFocus web site.

