REVIEW: "Internet Forensics", Robert Jones
- BKINTFOR.RVW 20051209
"Internet Forensics", Robert Jones, 2006, 0-596-10006-X,
%A Robert Jones www.craic.com
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%I O'Reilly & Associates, Inc.
%O U$39.95/C$55.95 800-998-9938 fax: 707-829-0104 nuts@...
%O Audience i Tech 2 Writing 1 (see revfaq.htm for explanation)
%P 223 p.
%T "Internet Forensics"

The preface states that the intended audience for the book consists of
security professionals, as well as developers and system
administrators. A basic familiarity with email and Web clients is
assumed, and the ability to program in Perl is recommended, although

Chapter one notes that there are bad things and people on the
Internet. The domain and IP address structures, and the tools
associated with researching the information related to them, are
discussed in chapter two. Email headers are described in chapter
three, primarily with a view to catching spammers. Chapter four notes
various means of representing (and obfuscating) Web addresses. The
information that can be obtained from Web pages is in chapter five,
while data that can be obtained from Web servers is in six. Chapter
seven outlines the information that your browser gives about you, and
mentions ways to protect your privacy in that regard. The existence
of metadata and commented material in Microsoft Word and Adobe PDF
files is presented in chapter eight, although this usually relates
more to computer forensics than the network kind. Chapter nine
appears to deal with the checking and confirmation of personal
information. An overview of ways to search for and create signatures
and patterns is given in chapter ten, but the purpose of the activity
is not clear. Two case studies of network investigations are
presented in chapter eleven, one of a phishing scam, and the other of
a spambotnet. Chapter twelve finishes off the book with a look at
various groups investigating different kinds of net crimes.

The field of network forensics is not well covered yet. Therefore, I
may be guilty of expecting too much of an early work. Much of the
material presented in this book is simplistic. Still, the average
Internet user may find the content helpful in terms of tracing
spammers and checking for information about possibly hostile Web

copyright Robert M. Slade, 2005 BKINTFOR.RVW 20051209