  • 1
    Online Resource
    Burlington, MA :Syngress Publishing,
    UID:
    almahu_9948026278302882
    Format: 1 online resource (713 p.)
    Edition: 1st edition
    ISBN: 1-281-76295-4 , 9786611762957 , 0-08-056019-9
    Content: Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised
    Note: Includes index. , Front Cover; Malware Forensics: Investigating and Analyzing Malicious Code; Copyright Page; Dedication Page; Acknowledgements; Authors; Technical Editor; Contents; Introduction; Investigative And Forensic Methodologies; Forensic Analysis; Malware Analysis; From Malware Analysis To Malware Forensics; Chapter 1: Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System; Introduction; Building Your Live Response Toolkit; Testing and Validating your Tools; System/Host Integrity Monitoring; Volatile Data Collection Methodology; Preservation of Volatile Data , Full Memory Capture; Full Memory Acquisition on a Live Windows System; Collecting Subject System Details; System Date and Time; System Identifiers; Network Configuration; Enabled Protocols; System Uptime; System Environment; Identifying Users Logged into the System; Psloggedon; Quser (Query User Utility); Netusers; LogonSessions; Inspect Network Connections and Activity; Current and Recent Network Connections; Netstat; DNS Queries from the Host System; NetBIOS Connections; ARP Cache; Collecting Process Information; Process Name and Process Identification (PID); Temporal Context; Memory Usage , Process to Executable Program Mapping: Full System Path to Executable File; Process to User Mapping; Child Processes; Command-line Parameters; File Handles; Dependencies Loaded by Running Processes; Exported DLLs; Capturing the Memory Contents of a Process on a Live Windows System; Correlate Open Ports with Running Processes and Programs; Openports; CurrPorts; Identifying Services and Drivers; Determining Open Files; Identifying Files Opened Locally; Identifying Files Opened Remotely; Collecting the Command History; Identifying Shares; Determining Scheduled Tasks; Collecting Clipboard Contents , Non-Volatile Data Collection from a Live Windows System; Forensic Duplication of Storage Media on a Live Windows System; Forensic Preservation of Select Data on a Live Windows System; Assess Security Configuration; Assess Trusted Host Relationships; Inspect Prefetch Files; Inspect Auto-starting Locations; Collect Event Logs; Review User Account and Group Policy Information; Examine the File System; Dumping and Parsing Registry Contents; Examine Web Browsing Activities; Incident Response Tool Suites for Windows; Windows Forensic Toolchest; ProDiscoverIR; OnlineDFS/LiveWire , Regimented Potential Incident Examination Report (RPIER); Nigilant32; Malware Discovery and Extraction From a Live Windows System; Nigilant32; Extracting Suspicious Files; Conclusions; Notes; Chapter 2: Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System; Introduction; Volatile Data Collection Methodology; Incident Response Tool Suites for Linux; Full Memory Dump on a Live UNIX System; Preserving Process Memory on a Live UNIX System; Collecting Subject System Details; Identifying Users Logged into the System; Determining Network Connections and Activity , Collecting Process Information , English
    Additional Edition: ISBN 1-59749-268-X
    Language: English
  • 2
    UID:
    almahu_9948025803502882
    Format: 1 online resource (560 pages)
    Edition: 1st edition
    ISBN: 1-280-58258-8
    Content: Malware Forensics Field Guide for Windows Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Windows-based systems, the largest running OS in the world. The authors are world-renowned leaders in investigating and analyzing malicious code. Chapters cover malware incident response - volatile data collection and examination on a live Windows system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Windows systems; legal considerations; file identification and profiling: initial analysis of a suspect file on a Windows system; and analysis of a suspect program. This field guide is intended for computer forensic investigators, analysts, and specialists. A condensed hand-held guide complete with on-the-job tasks and checklists. Specific for Windows-based systems, the largest running OS in the world. Authors are world-renowned leaders in investigating and analyzing malicious code.
    Note: Includes index. , Malware incident response -- Memory forensics -- Post-mortem forensics -- Legal considerations -- File identification and profiling -- Analysis of a malware specimen.
    Additional Edition: ISBN 1-59749-472-0
    Language: English
  • 3
    UID:
    almafu_9960073538202883
    Format: 1 online resource (xxxix, 574 pages) : illustrations.
    Edition: 1st edition
    ISBN: 1-59749-471-2 , 9786613612366
    Series Statement: Digital forensics field guides
    Content: The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a la
    Note: Description based upon print version of record. , Malware incident response -- Linux memory forensics -- Postmortem forensics -- Legal considerations -- File identification and profiling -- Analysis of a malware specimen. , English
    Additional Edition: ISBN 1-59749-470-4
    Language: English
  • 4
    UID:
    b3kat_BV036754071
    Format: 1 DVD , 4 3/4 in
    ISBN: 9781597494458 , 1597494453 , 9781597491631 , 1597491632 , 9781597492973 , 1597492973 , 9781597492683 , 159749268X , 9781597492768 , 1597492760 , 9781597492690 , 1597492698
    Content: Contains six ebooks from Syngress, designed to provide IT security professionals with easy access to information and contains over 3000 pages of techniques and tools
    Note: Title from disc label. - Can only be played on PC. - System requirements: PC with DVD drive , Alternate data storage forensics / Tyler Cohen, Amber Schroader -- MacOS X, iPod, and iPhone forensic analysis DVD toolkit / Ryan R. Kubasiak, Sean Morrissey, lead authors -- Malware forensics : investigating and analyzing malicious code / James M. Aquilina, Eoghan Casey, Cameron H. Malin -- Scene of the cybercrime. 2nd ed. / Michael Cross -- UNIX and Linux forensic analysis DVD toolkit / Chris Pogue, Cory Altheide, Todd Haverkos -- Windows forensic analysis : DVD toolkit / Harlan Carvey
    Language: English
    Keywords: Computer virus ; Computer security
  • 5
  • 6
    UID:
    edoccha_9960073538202883
    Format: 1 online resource (xxxix, 574 pages) : illustrations.
    Edition: 1st edition
    ISBN: 1-59749-471-2 , 9786613612366
    Series Statement: Digital forensics field guides
    Content: The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a la
    Note: Description based upon print version of record. , Malware incident response -- Linux memory forensics -- Postmortem forensics -- Legal considerations -- File identification and profiling -- Analysis of a malware specimen. , English
    Additional Edition: ISBN 1-59749-470-4
    Language: English
  • 7
    UID:
    gbv_776161261
    Format: XXXIX, 574 pages : illustrations, diagrams
    ISBN: 9781597494700
    Series Statement: Digital forensics field guides
    Content: Malware incident response -- Linux memory forensics -- Postmortem forensics -- Legal considerations -- File identification and profiling -- Analysis of a malware specimen
    Note: Includes bibliographical references and index , Malware incident response -- Linux memory forensics -- Postmortem forensics -- Legal considerations -- File identification and profiling -- Analysis of a malware specimen.
    Additional Edition: ISBN 9781597494717
    Language: English
    Subjects: Computer Science , Law
    RVK:
    Keywords: Computer forensics ; LINUX
  • 8
    UID:
    edocfu_9960073538202883
    Format: 1 online resource (xxxix, 574 pages) : illustrations.
    Edition: 1st edition
    ISBN: 1-59749-471-2 , 9786613612366
    Series Statement: Digital forensics field guides
    Content: The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a la
    Note: Description based upon print version of record. , Malware incident response -- Linux memory forensics -- Postmortem forensics -- Legal considerations -- File identification and profiling -- Analysis of a malware specimen. , English
    Additional Edition: ISBN 1-59749-470-4
    Language: English