Thank you for the feedback, Jason.
I think I need to trim down that rough outline a bit. There might even be two books in there as it is quite broad.
That would be the criminal defense side of computer forensics, which hardly anyone is interested in besides me I think. -)
Know Thy enemy.. It always helps to look at a problem or situation from the other side. In fact…a book on defending or countering computer forensics may be a great Idea..
It's topical and hasn't been done… (I believe)
Any additional feed back is welcome guys.
I would especially like to hear from folks who are interested in entering the field or will soon be entering the field.
Ok I have a deal with my publisher and I have decided to write my first book on criminal defense. Of course, all you LE people are going to learn my secrets! twisted
I think it will help everyone, no matter what "side" you are on. 😯
I would rather have as much pages on Analysis - analyzing log files (network logs, system logs), analyzing file systems (fatxx, ntfs, extX), analyzing images taken from (presumably) criminal's computers - and using tools that aid such analysis.
Also, I'd like to have ways of protecting systems and intruding systems.
It would be good if popular tools are covered in depth – dd, FTK Imager, Autopsy, WireShock, EnCase, nmap, Nessus, Metasploit, Etterap, …
My 2 cents.
Eing,
I would rather have as much pages on Analysis - analyzing log files (network logs, system logs), analyzing file systems (fatxx, ntfs, extX), analyzing images taken from (presumably) criminal's computers - and using tools that aid such analysis.
You'll find a good deal of that in Windows Forensic Analysis, not only in the first edition, but also in the upcoming second edition.
Also, I'd like to have ways of protecting systems and intruding systems.
It would be good if popular tools are covered in depth – dd, FTK Imager, Autopsy, WireShock, EnCase, nmap, Nessus, Metasploit, Etterap, …
Assuming you're referring to WireShark, a number of the tools (and many others) are mentioned/described in the upcoming second edition of Windows Forensic Analysis, as well as others…
Go, go Harlan!
mini hijack.
You'll find a good deal of that in Windows Forensic Analysis, not only in the first edition, but also in the upcoming second edition.
I got an e-mail from Amazon for pre-orders. I look forward to an authors preview of the changes from the first edition.
I am definately writing the book from the standpoint of the defense. There aren't any books out there that teach how to analyse a case and how to really challenge computer forensics evidence in depth. Since I make my lving doing exactly that, I think that is my strongest area of expertise.
I appreciate all the feedback.
Maybe someone else will get a book idea out of this thread!