Wednesday, April 18, 2012

Digital Forensics for Network, Internet, and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data


Product Description

Network forensics is an evolution of typical digital forensics, in which evidence is gathered from network traffic in near real time. This book will help security and forensics professionals as well as network administrators build a solid foundation of processes and controls to identify incidents and gather evidence from the network. Forensic scientists and investigators are some of the fastest growing jobs in the United States with over 70,000 individuals employed in 2008. Specifically in the area of cybercrime and digital forensics, the federal government is conducting a talent search for 10,000 qualified specialists. Almost every technology company has developed or is developing a cloud computing strategy. To cut costs, many companies are moving toward network-based applications like SalesForce.com, PeopleSoft, and HR Direct. Every day, we are moving companies' proprietary data into a cloud, which can be hosted anywhere in the world. These companies need to understand how to identify where their data is going and what they are sending.



  • Key network forensics skills and tools are discussed: for example, capturing network traffic, using Snort for network-based forensics, using NetWitness Investigator for network traffic analysis, and deciphering TCP/IP.
  • The current and future states of network forensics analysis tools are addressed.
  • The admissibility of network-based traffic is covered as well as the typical life cycle of a network forensics investigation.

Digital Forensics for Network, Internet, and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data Review

Digital Forensics for Network, Internet, and Cloud Computing (DFFNIACC) is one of the worst books I've read in the last few years. You may wonder why I bothered reading a two star book. Blame a flight from the east coast to Las Vegas and not much else to read during those five hours! DFFNIACC is a jumbled collection of incoherent thoughts, loosely bound by the idea of "forensics" but clearly not subjected to any real planning or oversight. This book is very similar to the Syngress book "Botnets" which I gave 2 stars in 2008, and as you might expect features one of the same authors. Save your money and skip DFFNIACC; only the chapter on NetFlow and another offering a general overview of NetWitness are worth reading.

DFFNIACC features all the worst qualities one sometimes finds in Syngress books: nonexistent copyediting, haphazard assortments of uncoordinated chapters from multiple authors, worthless filler chapters, and a lack of focus. I am convinced that no one read this book, or even a rough outline, and asked "what are you talking about?" For example, chapter 1 (the only section in "Part I: Introduction") is titled "What is network forensics?" but the chapter is all about "the Cloud." What? Similarly, Part VI, "The Future of Network Forensics," features two chapters -- "The Future of Cloud Computing" and "The Future of Network Forensics." Again, what is this obsession with "Cloud" and network forensics? I am fully aware of cloud providers who successfully use network forensics in certain circumstances, but network forensics is not some special approach designed for clouds.

On the "filler" topic, chapter 4 is a waste of 16 pages. Can anyone explain why the reader needs an overview of TCP headers, but no other aspects of network traffic? The following chapter, called "Using Snort for Network-Based Forensics," is worthless. The reader sees 19 pages yet no example output.

Elsewhere, I question the author's technical awareness. For example, p 25 says "The Advanced Packaging Tool apt-get utility can be used to retrieve and install tcpdump in most Unix implementations." Maybe that's true for Debian-based Linux operating systems, but I don't see too many Unix admins using Apt elsewhere. On p 35 the author says, while discussing recommended snap lengths for capture, "If you are interested in DNS data, you should set s = 4096 or greater." Why? On p 28 the author writes that the -w option for tcpdump "writes the results to file. This could also be accomplished by IO redirection at the command line." No, if you use "IO redirection" you're going to write a text-based representation of traffic to disk, not the libpcap format version of network traffic enabled by -w.

I unfortunately found other sections to be just annoying. Several times in the book the author mentions "our ISP" and "Portland State University." This is supposed to be important, because...? These chapters required a copyeditor to sit down with the author and ask "how do you think a reader is supposed to make sense of this material?" Regarding figures in the book, multiple diagrams (2-16, 3-17, etc.) are completely unreadable. Others are fuzzy, show text far too small, or otherwise add nothing. The book probably introduces three or more competing "models" or discussions of detection and response, clearly reflecting the multiple authors. Why didn't they collaborate on one section? Finally, I was very annoyed to see on p 306 the author clearly paraphrase work I had done on the four forms of Network Security Monitoring data. Unfortunately, despite citing other authors, they ignore my work and don't even really understand what they're talking about.

The only bright spot in this book is chapter 6, and that is because it covers NetFlow v9. Most books on NetFlow don't cover v9, so I liked seeing at least some coverage. The chapter was fairly well written as well.

In short, skip DFFNIACC. It's as bad as "Botnets." I want several hours of my life back.
