We have authored and edited several industry-recognized books that range from foundational topics to advanced investigative techniques.

Digital Evidence and Computer Crime, Third Edition (800 pages) provides the knowledge necessary to uncover and use digital evidence effectively in any kind of investigation. This book covers forensic methodologies and tools relevant to incident responders, forensic analysts, police and lawyers. This completely updated edition provides the introductory materials that new students require, and also expands on the material presented in previous editions to help students develop core skills. The textbook teaches how computer networks function, how they can be involved in crimes, and how they can be used as a source of evidence. Additionally, this third edition includes updated chapters dedicated to networked Windows, Unix, and Macintosh computers and mobile devices. Case examples are provided throughout each chapter and references to specialized literature and on-line resources are included for additional details.

 

 

This book brings together renowned experts in all areas of digital forensics and investigation to provide the consummate resource for practitioners in the field.The Investigative Methodology section of the Handbook provides expert guidance in the three main areas of practice: Forensic Analysis, Electronic Discovery and Intrusion Investigation. The Technology section is extended and updated to reflect the state of the art in each area of specialization. The main areas of focus in the Technology section are forensic analysis of Windows, Unix, Macintosh, and embedded systems (including cellular telephones and other mobile devices), and investigations involving networks (including enterprise environments and mobile telecommunications technology).

 

Dissecting the dark side of the Internet -- with its infectious worms, botnets, rootkits, and Trojan horse programs (known as malware)-- this in-depth, how-to guide details the complete process of responding to a malicious code incident, from isolating malware and testing it in a forensic lab environment, to pulling apart suspect code and investigating its origin and authors.

 

 

This book brings together the specialized technical knowledge and unique investigative experience that a few individuals possess, creating a seminal work that forensic scientists, attorneys, law enforcement, and computer professionals will rely on as their technical guide when confronted with digital evidence of any kind.

 

 

Approximately half of the caseload in computer crimes units involves the computer assisted sexual exploitation of children. Despite the scale of this problem, there are no published resources that bring together the complex mingling of disciplines and expertise required to put together a computer assisted child exploitation case. This work fills this void, providing police, prosecutors and forensic examiners with the historical, legal, technical, and social background for the laws prohibiting child exploitation, in particular, child pornography.

 

 

 

Hackers, IT professional, and Infosec aficionados (as well as everyday people interested in security) will find a gripping story that takes the reader on a global trip through the world of computer security exploits. One-half thriller, one-half reference, each provides context for the other. Together they will show you how to see the digital world just below the surface of daily life.

 

 

Originally released in 1996, Netcat is a networking program designed to read and write data across both Transmission Control Protocol TCP and User Datagram Protocol (UDP) connections using the TCP/Internet Protocol (IP) protocol suite. Netcat is often referred to as a "Swiss Army knife" utility, and for good reason. Just like the multi-function usefulness of the venerable Swiss Army pocket knife, Netcat's functionality is helpful as both a standalone program and a back-end tool in a wide range of applications. Some of the many uses of Netcat include port scanning, transferring files, grabbing banners, port listening and redirection, and more nefariously, a backdoor. This is the only book dedicated to comprehensive coverage of the tool's many features, and by the end of this book, you'll discover how Netcat can be one of the most valuable tools in your arsenal.

 

Combating Spyware in the Enterprise begins by examining the various types of insidious spyware and adware currently propagating across the internet and infiltrating enterprise networks. This section closely examines Spyware's ongoing transformation from nuisance to malicious, sophisticated attack vector. Next, the book uncovers spyware's intricate economy and network of malicious hackers and criminals. Forensic investigations presented in this section of the book reveal how increasingly sophisticated spyware can compromise enterprise networks via trojans, keystroke loggers, system monitoring, distributed denial of service attacks, backdoors, viruses, and worms. After close examination of these attack vectors, the book begins to detail both manual and automated techniques for scanning your network for the presence of spyware, and customizing your IDS and IPS to detect spyware. From here, the book goes on to detail how to prevent spyware from being initially installed to mitigating the damage inflicted by spyware should your network become infected. Techniques discussed in this section include slowing the exposure rate; web filtering; using FireFox, MacOSX, or Linux; patching and updating, machine restrictions, shielding, deploying anti-spyware, and re-imaging. The book concludes with an analysis of the future of spyware and what the security community must accomplish to win the war against spyware.

 

This book is for system administrators and security professionals who need to bring now ubiquitous IM and P2P applications under their control. Many businesses are now taking advantage of the speed and efficiency offered by both IM and P2P applications, yet are completely ill-equipped to deal with the management and security ramifications.

 

These companies are now finding out the hard way that these applications which have infiltrated their networks are now the prime targets for malicious network traffic. This book will provide specific information for IT professionals to protect themselves from these vulnerabilities at both the network and application layers by identifying and blocking this malicious traffic.