Search Images Maps Play YouTube News Gmail Drive More »
My library | Help | Advanced Book Search | Web History | Sign in

Books

File system forensic analysis

Front Cover
3 Reviews
Addison-Wesley, 2005 - Computers - 569 pages
This is an advanced cookbook and reference guide for digital forensic practitioners. File System Forensic Analysis focuses on the file system and disk. The file system of a computer is where most files are stored and where most evidence is found; it also the most technically challenging part of forensic analysis. This book offers an overview and detailed knowledge of the file system and disc layout. The overview will allow an investigator to more easily find evidence, recover deleted data, and validate his tools. The cookbook section will show how to use the many open source tools for analysis, many of which Brian Carrier has developed himself.

From inside the book

 

What people are saying - Write a review

User Review - Flag as inappropriate

Does anyone know how not to catch zzzzzzzzz, when reading, say, I don't know, the first 4 pages. Some of the examples are long and it feels like it was taken down from a speech at the ELKS Club. Talk, talk, talk.
Get to the point! Define it, give example or use, next!
Temporal lobe shutting down, recall fails from drab,unimaginitive writing. Until you get to actual work of shredding a file system.
If you are tedious, time consuming, and like to read words defined by the paragraph, then go on. Read it.
Then paper cut my jugular.  

Review: File System Forensic Analysis

User Review  - Stephen Hargrove - Goodreads

This is more than anyone could ever possibly need or want to know about file systems. Ever. Read full review

Related books

Real Digital Forensics: Computer Security And Incident Response
Real Digital Forensics: Computer Security And Incident Response
Keith John Jones,Richard Bejtlich,Curtis W. Rose
No preview available - 2005
Practical Guide to Computer Forensics: For Accountants, Forensic Examiners ...
Practical Guide to Computer Forensics: For Accountants, Forensic Examiners ...
Frank Grindstaff,David Benton
No preview available - 2005
Forensics: Crime Scene Investigations from Murder to Global Terrorism
Forensics: Crime Scene Investigations from Murder to Global Terrorism
Zakaria Erzinclioglu, Dr.
No preview available - 2012
All related books »

Contents

Chapter
17
Computer Foundations
18
CONTENTS
37
Copyright

7 other sections not shown

Common terms and phrases

ASCII bitmap block group block pointers boot code boot sector BSD partition Byte Range Description Chapter cluster configuration contains created cylinder group DATA attribute data structures data unit defined deleted files device directory entry disk image encrypted example Ext3 extended partition ExtX FAT file system ffff ffff ffff field Figure File file name file or directory file system files and directories final find first first sector flag fragments FreeBSD group descriptor hard disk hash header hexadecimal identifies index entry inode inode table investigation layout Linux located logical volume MFT entry Microsoft Microsoft Windows node NTFS number of sectors offset OpenBSD operating system output partition system partition table RAID volume Range Description Essential root directory SCSI Solaris specific starting sector stored superblock UFS2 UFSI unallocated unused updated Windows

About the author (2005)

Brian Carrier has authored several leading computer forensic tools, including The Sleuth Kit (formerly The @stake Sleuth Kit) and the Autopsy Forensic Browser. He has authored several peer-reviewed conference and journal papers and has created publicly available testing images for forensic tools. Currently pursuing a Ph.D. in Computer Science and Digital Forensics at Purdue University, he is also a research assistant at the Center for Education and Research in Information Assurance and Security (CERIAS) there. He formerly served as a research scientist at @stake and as the lead for the @stake Response Team and Digital Forensic Labs. Carrier has taught forensics, incident response, and file systems at SANS, FIRST, the @stake Academy, and SEARCH.

Brian Carrier's http: //www.digital-evidence.org contains book updates and up-to-date URLs from the book's references.

(c) Copyright Pearson Education. All rights reserved.

Bibliographic information

QR code for File system forensic analysis
TitleFile system forensic analysis
AuthorBrian Carrier
Editionillustrated
PublisherAddison-Wesley, 2005
Original fromthe University of Michigan
DigitizedAug 27, 2011
ISBN0321268172, 9780321268174
Length569 pages
Subjects ›  › 

Computer crimes
Computer science
Computer security
Computers / Data Processing
Computers / Internet / Security
Computers / Security / General
Data structures (Computer science)
Electronic books
Electronic evidence
File organization (Computer science)
Forensic sciences
  
Export CitationBiBTeX EndNote RefMan