Digital Forensics with Open Source Tools, 1st Edition

Quotes and reviews

"This is highly detailed material. Although the introductory chapter adopts an easy pace, with overviews of important technical concepts, most of the other chapters get right down to the practice of forensic analysis. This is not a book you’re going to want to read in bed: you’ll want this right next to a computer - preferably two or three computers running different operating systems - so that you can try the techniques for yourself as you work your way through. The authors admit that this book does not cover everything you need to know. For instance, it focuses entirely on ‘dead drive’ forensics - offline systems. Analysing running systems often requires high-level proprietary tools. But it does give an excellent grounding in the methods of digital forensic analysis and provides a valuable first step in learning the technicalities."--Network Security, May 2012, page 4

"Digital Forensics - MacGyver Style! The practical solutions of this book, Digital Forensics with Open Source Tools, save the day when commercial tools fail. During an incident, the clock ticks. Response teams scramble to pull anything together to solve the immediate challenge. Cory Altheide and Harlan Carvey take you through the tools and tactics that you need - the ones that in a pinch will get the job done. A welcome addition to my library."--Rob Lee, SANS Institute

"Intended for students and new computer professionals, or those new to open source applications, this guide to digital forensics provides practical instructions for many common tasks in data recovery and analysis using open source tools. Beginning with a discussion of setting up an open source examination platform and tool set, the work covers disk and file system analysis, Windows, GNU/Linux and Mac OS X systems and artifacts, Internet artifacts, file analysis and automated analysis. The volume includes numerous code examples and tips and tricks as well as an appendix of software tools."--Reference and Research Book News

"Intended for students and new computer professionals, or those new to open source applications, this guide to digital forensics provides practical instructions for many common tasks in data recovery and analysis using open source tools. Beginning with a discussion of setting up an open source examination platform and tool set, the work covers disk and file system analysis, Windows, GNU/Linux and Mac OS X systems and artifacts, Internet artifacts, file analysis and automated analysis. The volume includes numerous code examples and tips and tricks as well as an appendix of software tools. Chapter examples assume a basic knowledge of the Linux command line interface."--Reference and Research Book News

"The authors intended this book for two types of readers: complete novices in the world of digital forensics, and seasoned practitioners who are interested in learning more about open source tools that could help them in their work. And although it might seem difficult to merge the knowledge in such a way to make for an interesting book for both groups, in my opinion, the writers managed to do it beautifully."--Net-Security.org