File System Forensic Analysis
Format: Paperback
Author: Brian Carrier
ReleaseDate: 17 March, 2005
Publisher: Addison-Wesley Professional
Very deep
The author has more on file systems than just about anywhere, and I found it helpful in non-security work also just to understand how the different systems work. I'm pretty technical, so I enjoyed this book.
I was able to use the book Windows Forensics, Corporate Computer Investigations by Chad Steel more in daily use, but this book would have been better as a starting point in learning about disk-based analysis and does a much better job of diving deep into file system specifics.
Some of the programming-level content was tough to follow, but if you are ever going to court and really need to know your stuff this is by far the book you need. I recommend it thoroughly.
Excellent Book
Good book for reference down the road as well. Excellent book for beginning to really understand file system forensics. Highly recommend.
Wide and Deep
If you are interested in file system analysis, then this book is one of them. There aren't many information technology books that can be read cover to cover like a novel.
The way Brian organizes his book can take a motivated person from knowing very little about file system analysis to guru in a very step-by-step manner. Brian starts at the bottom and steadily works his way up.
The chapter structure is excellent.
* Digital Investigation Foundations
* Computer Foundations
* Hard Disk Data Acquisition
* Volume Analysis
* File System Analysis
Perfect. Each new section builds on the last.
The File System Analysis section is also structured so that you can get as little or as much as you want out of it.
Each file system is given a chapter for describing how it utilizes the categories defined in The Sleuth Kit (file system, content, metadata, file name, application) and another chapter for digging into the meat of it.
After reading the book, I know it will be an indispensable tool for all my future forensic hard disk analyses.
My only quibble at all is that it does not cover IBM's HPFS file system used for OS/2, because, yes, there are still some OS/2 systems I have to analyze (but not many and getting fewer and fewer). Most of that analysis is application-level anyway, which is out of scope.
Regardless, this is an amazing and wonderful book.
I eagerly await the 2nd edition in a year or so. I'll buy it, too.