Dan Farmer Boeken

Forensic computing is gathering and analyzing data in a manner as free from distortion as possible to reconstruct data or what has happened in the past on a system. Many of the tools presented in this book were developed and used first by the authors. This is the book by the people who wrote the original versions of forensic tools that are now widely used. The thrust of the book deals with the collection and use of computer evidence to apprehend the hacker and, once apprehended, to either prosecute or defend. The majority of examples are from Solaris, FreeBSD, and Linux systems, Microsoft's Windows shows up as well.