Windows Forensics and Incident Recovery (with CD-ROM)

[ Paperback, BK&CD-ROM ]
List price: 42,000
Sale price: 39,900 (5% off)

Item information

Publication date: July 21, 2004
Pages, weight, size: 460 pages | 890g | 178*233mm
ISBN13: 9780321200983
ISBN10: 0321200985

About the author

Author: Harlan Carvey
Harlan Carvey's interest in computer and information security began while he was an officer in the U.S. military, during which time he earned his master's degree in Electrical Engineering. After leaving military service, he began working in the field of commercial and government information security consulting, performing vulnerability assessments and penetration tests. While employed at one company, he was the sole developer of a program for collecting security-specific information (i.e., Registry entries, file information, configuration settings, etc.) from Windows NT systems during vulnerability assessments. The purpose of the product was to overcome shortfalls in commercial scanning products and provide more valuable information to the customer. Harlan has also done considerable work in the area of incident response and forensics, performing internal and external investigations. He has also written a number of proof-of-concept tools for educating users in such topics as Windows null sessions, file signature analysis, and the retrieval of metadata from a variety of files.

Harlan's experience with computers began in the early '80s, with a Timex-Sinclair 1000. Around that time, he was learning to program BASIC on an Apple IIe. From there, he moved on to computers such as the Epson QX-10 and the TRS-80, on which he programmed BASIC and learned PASCAL, using the TurboPASCAL compiler. Since then, he's worked with SunOS and Solaris systems, as well as various versions of DOS and Windows, OS/2, and Linux.

Harlan has presented at Usenix, DefCon9, Black Hat, and GMU2003 on various topics specific to issues on Windows platforms, such as data hiding. He has had articles published in the Information Security Bulletin and on the SecurityFocus web site.

Related materials

* Jacket Description/Back:

Back Cover Copy: Windows Forensics and Incident Recovery

Praise for Windows Forensics and Incident Recovery

"Windows Forensics and Incident Recovery doesn't just discuss forensics, it also includes tools for analysis and shows readers how to use them. I look forward to putting these tools through their paces, and I recommend Carvey's book as a terrific addition to the security professional's bookshelf."
--Warren G. Kruse II, Partner
Computer Forensic Services, LLC

"This book is a good reference for the tools needed to prepare for, respond to, and confirm a Windows-based computer incident."
--Brian Carrier
Digital forensics researcher

"This book provides a unique 'command-line centric' view of Microsoft and non-Microsoft tools that can be very helpful to folks responsible for security and system administration on the Windows platform."
--Vishwas Lele, principal architect
Applied Information Sciences, Inc.

"Harlan Carvey's book serves as a great resource for investigators and systems administrators looking to peek under the hoods of their Windows systems."
--Jason Chan, security consultant
@stake

"Regardless of what you know already, you are guaranteed to learn something new about Windows incident response from this book."
--Brian Behler, computer forensics and intrusion analyst/engineer

"Harlan Carvey's vast security and forensics experience shows through in all facets of this work. Many books have attempted to be the prescriptive guide to forensics on the Windows platform. This book not only attempts it, but it succeeds--with guidance to spare."
--Rick Kingslan, Microsoft MVP
West Corporation

"This book is the first to bring together into a single volume the topics of malicious code, incident response, and forensics on the Windows platform. Mr. Carvey's work should serve as a valuable reference for any Windows system administrator or security professional."
--Jennifer Kolde, information security consultant, author, and instructor

"Harlan Carvey's book is a one-of-a-kind approach to do-it-yourself Windows forensics. With detailed and illustrative examples coupled with Harlan's renowned Perl scripts, this book certainly is a great find."
--Mark Burnett, security consultant and author

The first book to focus on forensics and incident recovery in a Windows environment

Teaches through case studies and real-world examples

Companion CD contains unique tools developed by the author.

Covers Windows Server 2003, Windows 2000, Windows NT, and Windows XP

If you're responsible for protecting Windows systems, firewalls and anti-virus aren't enough. You also need to master incident response, recovery, and auditing. Leading Windows security expert and instructor Harlan Carvey offers a start-to-finish guide to the subject: everything administrators must know to recognize and respond to virtually any attack.

Drawing on his widely acclaimed course, Carvey uses real-world examples to cover every significant incident response, recovery, and forensics technique. He delivers a complete incident response toolset that combines today's best open source and freeware tools, his own exclusive software and scripts, and step-by-step instructions for using them. This book's tools and techniques apply to every current and professional version of Windows: NT, 2000, XP, and Windows Server 2003. Coverage includes:

Developing a practical methodology for responding to potential attacks

Preparing your systems to prevent and detect incidents

Recognizing the signatures of an attack--in time to act

Uncovering attacks that evade detection by Event Viewer, Task Manager, and other Windows GUI tools

Using the Forensic Server Project to automate data collection during live investigations

Analyzing live forensics data in order to determine what occurred

CD-ROM INCLUDED

CD-ROM contains incident response and forensics toolkit code developed by the author, sample network packet captures, as well as data collected from compromised systems using the Forensic Server Project. You can also access Carvey's website at http://www.windows-ir.com for code samples, updates, and errata.

Acknowledgments

I'd like to start by thanking Larry Leibrock and Jay Heiser for getting me started down this road. Several years ago, I had developed a 2-day, hands-on incident response course for Windows 2000, and Larry provided me with my initial opportunity to teach it at the University of Texas in Austin. This book began its life as the presentation for the incident response course. I had done a technical review of Jay and Warren Kruse's computer forensics book, and Jay provided my name to his former editor as someone who may be interested in writing a book on the subject of Windows security.

Karen Gettman offered me the opportunity to write this book, and I decided to take it. I'd had articles published, but I'd never written a book. Karen and her assistant, Elizabeth Zdunich, kept me on track throughout this process.

I'd like to thank several of the reviewers as well. Of all of the reviewers who've been involved in this process, I'd like to recognize Jennifer Kolde, Mike Lyman, and Jason Chan for their efforts and input. The reviews from these three individuals provided valuable constructive criticism regarding the content and structure of the book. I can't say that I followed all the advice they provided, but I did read and consider everything they said thoroughly. With their help and insight, I didn't feel as if I were working on this book alone. Thanks, guys, for your time and effort. And Jen, thanks for indulging me all those times I'd email you with thoughts about your comments. Those exchanges gave me even more insight into the content of the book, as well as the subject of incident response on Windows systems, in general.

Finally, and most importantly, I'd like to thank Terri Dougherty. I've written a book, and yet I can't seem to find the words to express my gratitude for your support throughout this process. Thank you. I owe you a debt that I will be repaying for a long time.
