Incident response is a multidisciplinary science that resolves computer crime and complex legal issues, chronological methodologies and technical computer techniques. The commercial industry has embraced and adopted technology that detects hacker incidents. Companies are swamped with real attacks, yet very few have any methodology or knowledge to resolve these attacks. "Incident Response: Investigating Computer Crime" will be the only book on the market that provides the information on incident response that network professionals need to conquer attacks. "Incident Response: Investigating Computer Crime" picks up where "Hacking Exposed" leaves off, describing the methods and techniques necessary to perform a professional and successful response to computer security incidents. It provides an insider's perspective on the incident response process that has never been disclosed or published, including real case scenarios with insightful tips on how to respond to computer crime incidents.
"synopsis" may belong to another edition of this title.
A strong system of defenses will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Incident Response aims to teach you how to determine when an attack has occurred or is underway--they're often hard to spot--and show you what to do about it. Authors Kevin Mandia and Chris Prosise favor a tools- and procedures-centric approach to the subject, thereby distinguishing this book from others that catalog particular attacks and methods for dealing with each one. The approach is more generic, and therefore better suited to dealing with newly emerging attack techniques.
Anti-attack procedures are presented with the goal of identifying, apprehending, and successfully prosecuting attackers. The advice on carefully preserving volatile information, such as the list of processes active at the time of an attack, is easy to follow. The book is quick to endorse tools, the functionalities of which are described so as to inspire creative applications. Information on bad-guy behavior is top quality as well, giving readers knowledge of how to interpret logs and other observed phenomena. Mandia and Prosise don't--and can't--offer a foolproof guide to catching crackers in the act, but they do offer a great "best practices" guide to active surveillance. --David Wall
Topics covered: Monitoring computer systems for evidence of malicious activity, and reacting to such activity when it's detected. With coverage of Windows and Unix systems as well as non-platform-specific resources like Web services and routers, the book covers the fundamentals of incident response, processes for gathering evidence of an attack, and tools for making forensic work easier.From the Back Cover:
Learn secrets and strategies for recovering from computer crime incidents
Respond to security breaches and hacker attacks the right way with help from this insightful and practical guide. You'll get details on the entire computer forensic process and learn the importance of following specific procedures immediately after a computer crime incident occurs. Investigate various software including UNIX, Windows NT, Windows 2000, and application servers. Packed with technical examples and loads of how-to scenarios, this book will show you how to recognize unauthorized access, uncover unusual or hidden files, and monitor Web traffic. Detailed, authoritative, and up to date--Incident Response is the only book you need.
"About this title" may belong to another edition of this title.
Book Description Mcgraw-Hill Osborne Media, 2001. Paperback. Book Condition: New. book. Bookseller Inventory # 0072131829
Book Description Book Condition: Brand New. Book Condition: Brand New. Bookseller Inventory # 97800721318261.0
Book Description Mcgraw-Hill Osborne Media, 2001. Paperback. Book Condition: New. New item. Bookseller Inventory # QX-132-92-1148001