



Network Security CISSP-Discussion

[CISSP-D] REVIEW: "Scene of the Cybercrime: Computer Forensics Handbook"

Subject: [CISSP-D] REVIEW: "Scene of the Cybercrime: Computer Forensics Handbook", Debra Littlejohn Shinder
Date: Mon, 04 Sep 2006 11:38:55 -0800
BKSOCCFH.RVW   20060809

"Scene of the Cybercrime: Computer Forensics Handbook", Debra
Littlejohn Shinder, 2002, 1-931836-65-5, U$59.95/C$92.95
%A   Debra Littlejohn Shinder debshinder@sceneofthecybercrime.com
%C   800 Hingham Street, Rockland, MA   02370
%D   2002
%E   Ed Tittel
%G   1-931836-65-5
%I   Syngress Media, Inc.
%O   U$59.95/C$92.95 781-681-5151 fax: 781-681-3585 amy@syngress.com
%O  http://www.amazon.com/exec/obidos/ASIN/1931836655/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/1931836655/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1931836655/robsladesin03-20
%O   Audience n+ Tech 2 Writing 3 (see revfaq.htm for explanation)
%P   718 p.
%T   "Scene of the Cybercrime: Computer Forensics Handbook"

There are some good forensics books out there, but there are also a
number of forensics titles that are nothing more than pamphlets
suggesting that the reader get a copy of EnCase and fool around.  Then
there is this work.  I'm not sure how I got a review book that is four
years old, an eternity in the technical realm, and particularly in
security.  Astoundingly, Shinder produced a work that cut to the heart
of the necessary concepts, without piling on technical trivia that
would rapidly go out of date.  This volume is as relevant and valuable
today as it was when it came out.

The foreword notes that the author, herself from both a law
enforcement and a technical background, found that most technical
security people know little about law and legal procedures, and that
law enforcement personnel know next to nothing about computer
internals.  She set herself to provide geek info to the cops and cop
smarts to the geeks, and to compile a reference to other resources.

She has produced an admirably valuable text.

Chapter one starts out with a bit of a slip, stating that cybercrime
is a subcategory of computer crime, but then explains it in such a way
as to be basically identical.  However, Shinder goes on to provide an
excellent review of the problems in defining and categorizing
cybercrime, jurisdictional issues, and the difficulties in building a
team and infrastructure to fight cybercrime.  A concise history of
computer crime events and issues, and a review of common dangers,
makes up chapter two.  (The material on high-speed Internet is
somewhat dated, but the rest is excellent.)  In other hands, chapter
three's examination of the people involved in cybercrime would be a
rehash of old "hacker" stereotypes.  Instead, Shinder gives us
criminal psychology, profiling (and counterexamples to the
stereotypes), victimology, and the characteristics of a good
investigator.

Chapter four looks into computer hardware basics.  Techies will think
it simplistic, but the content is pitched just right for computer
neophytes who need the fundamental concepts and enough detail to step
up to further studies.  Some may think that the coverage of
networking, in chapter five, spends too much time on analogue
signalling and old LAN protocols, but you have to remember that
digital forensic investigators are not called upon to use standard
environments, but to assess the material found in arbitrary ones.  The
presentation of network intrusions and attacks, in chapter six, has
clear representation of the concepts, without deluging the reader with
quickly dateable minutiae.

Chapter seven, turning to cybercrime prevention, presents general
information security concepts, with a concentration on networks and
cryptography.  (As with many, Shinder seems to be fascinated with
steganography out of all proportion to its importance.)  Implementing
system security, in chapter eight, is similar, but with greater
emphasis on specific settings.  (Although this is very helpful,
particularly to the home user, it has limited application to
forensics.)  Chapter nine looks at cybercrime detection techniques,
primarily audit information in its various forms.  The collection and
preservation of digital evidence is an important and difficult task. 
Chapter ten does not go into the same level of detail as Michael A.
Caloyannides' "Computer Forensics and Privacy" (cf. BKCMFRPR.RVW),
"Computer and Intrusion Forensics" by Mohay et al (cf. BKCMINFO.RVW),
Kruse and Heiser's classic "Computer Forensics" (cf. BKCMPFRN.RVW),
the somewhat challenging "Forensic Discovery" by Farmer and Venema
(cf. BKFORDIS.RVW), and Brian Carrier's resourceful "File System
Forensic Analysis" (cf. BKFSFRAN.RVW), but presents a broad overview,
and has good advice on evidence management and a useful list of
resources.  Legal systems, types of laws, jurisdictional issues, and
the preparation of a case are covered in chapter eleven, which extends
"A Guide to Forensic Testimony" by Smith and Bace (cf. BKGDFOTS.RVW).

For anyone just becoming involved in digital forensics, the book is an
excellent introduction and overview of the field in its proper
context.  For those already involved, this manual is both a solid
reminder of what needs to be taught to those becoming involved in
computer forensics, and also a resource for a number of areas that the
individual specialist may not cover every day.  Despite the age of the
work, in this fast changing environment, Shinder has produced a text
of classic depth and lasting value.  (Hopefully Syngress will get her
to produce updates on a regular basis.)

copyright Robert M. Slade, 2006   BKSOCCFH.RVW   20060809


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
Are you sure that [nine nine nine nine nine nine is] random?
That's the problem with randomness.  You can never be sure.
    www.unitedmedia.com/comics/dilbert/archive/dilbert-20011025.html
Dictionary of Information Security  www.syngress.com/catalog/?pid=4150
http://victoria.tc.ca/techrev/rms.htm


 
 


