Addison Wesley – Windows Forensics and Incident Recovery (CHM)
Requirements: CHM Reader (7 Mb)
Overview:
About a year ago I was investigating a system to try and determine if it was attacked, as well as when and how if it had been. I wrote for help to a list that I am on and Harlan Carvey responded with detailed and useful information that helped me out.
I asked Carvey at the time if there were a book I could get that would help me learn that stuff and he told me that he didn’t want to be cocky per se, but that there really wasn’t and that I would have to wait until his book came out. Now that I have it I think I would have to agree.
There are plenty of great books on computer forensics available, but none that go into the depth that Carvey does on the Windows operating system itself. The information he provides regarding how and where Windows hides information is invaluable for finding and recovering from an attack.
Download Instructions: http://rapidshare.com/files/44522243/Addison.Wesley.Professional.Windows.F … l.2004.rar
