Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Scene of the Cybercrime: Computer Forensics Handbook", Debra Littlejohn Shinder

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKSOCCFH.RVW 20060809 Scene of the Cybercrime: Computer Forensics Handbook , Debra Littlejohn Shinder, 2002, 1-931836-65-5, U$59.95/C$92.95 %A Debra
    Message 1 of 1 , Sep 4, 2006
      BKSOCCFH.RVW 20060809

      "Scene of the Cybercrime: Computer Forensics Handbook", Debra
      Littlejohn Shinder, 2002, 1-931836-65-5, U$59.95/C$92.95
      %A Debra Littlejohn Shinder debshinder@...
      %C 800 Hingham Street, Rockland, MA 02370
      %D 2002
      %E Ed Tittel
      %G 1-931836-65-5
      %I Syngress Media, Inc.
      %O U$59.95/C$92.95 781-681-5151 fax: 781-681-3585 amy@...
      %O http://www.amazon.com/exec/obidos/ASIN/1931836655/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/1931836655/robsladesin03-20
      %O Audience n+ Tech 2 Writing 3 (see revfaq.htm for explanation)
      %P 718 p.
      %T "Scene of the Cybercrime: Computer Forensics Handbook"

      There are some good forensics books out there, but there are also a
      number of forensics titles that are nothing more than pamphlets
      suggesting that the reader get a copy of EnCase and fool around. Then
      there is this work. I'm not sure how I got a review book that is four
      years old, an eternity in the technical realm, and particularly in
      security. Astoundingly, Shinder produced a work that cut to the heart
      of the necessary concepts, without piling on technical trivia that
      would rapidly go out of date. This volume is as relevant and valuable
      today as it was when it came out.

      The foreword notes that the author, herself from both a law
      enforcement and a technical background, found that most technical
      security people know little about law and legal procedures, and that
      law enforcement personnel know next to nothing about computer
      internals. She set herself to provide geek info to the cops and cop
      smarts to the geeks, and to compile a reference to other resources.

      She has produced an admirably valuable text.

      Chapter one starts out with a bit of a slip, stating that cybercrime
      is a subcategory of computer crime, but then explains it in such a way
      as to be basically identical. However, Shinder goes on to provide an
      excellent review of the problems in defining and categorizing
      cybercrime, jurisdictional issues, and the difficulties in building a
      team and infrastructure to fight cybercrime. A concise history of
      computer crime events and issues, and a review of common dangers,
      makes up chapter two. (The material on high-speed Internet is
      somewhat dated, but the rest is excellent.) In other hands, chapter
      three's examination of the people involved in cybercrime would be a
      rehash of old "hacker" stereotypes. Instead, Shinder gives us
      criminal psychology, profiling (and counterexamples to the
      stereotypes), victimology, and the characteristics of a good

      Chapter four looks into computer hardware basics. Techies will think
      it simplistic, but the content is pitched just right for computer
      neophytes who need the fundamental concepts and enough detail to step
      up to further studies. Some may think that the coverage of
      networking, in chapter five, spends too much time on analogue
      signalling and old LAN protocols, but you have to remember that
      digital forensic investigators are not called upon to use standard
      environments, but to assess the material found in arbitrary ones. The
      presentation of network intrusions and attacks, in chapter six, has
      clear representation of the concepts, without deluging the reader with
      quickly dateable minutia.

      Chapter seven, turning to cybercrime prevention, presents general
      information security concepts, with a concentration on networks and
      cryptography. (As with many, Shinder seems to be fascinated with
      steganography out of all proportion to its importance.) Implementing
      system security, in chapter eight, is similar, but with greater
      emphasis on specific settings. (Although this is very helpful,
      particularly to the home user, it has limited application to
      forensics.) Chapter nine looks at cybercrime detection techniques,
      primarily audit information in its various forms. The collection and
      preservation of digital evidence is an important and difficult task.
      Chapter ten does not go into the same level of detail as Michael A.
      Caloyannides' "Computer Forensics and Privacy" (cf. BKCMFRPR.RVW),
      "Computer and Intrusion Forensics" by Mohay et al (cf. BKCMINFO.RVW),
      Kruse and Heiser's classic "Computer Forensics" (cf. BKCMPFRN.RVW),
      the somewhat challenging "Forensic Discovery" by Farmer and Venema
      (cf. BKFORDIS.RVW), and Brian Carrier's resourceful "File System
      Forensic Analysis" (cf. BKFSFRAN.RVW), but presents a broad overview,
      and has good advice on evidence management and a useful list of
      resources. Legal systems, types of laws, jurisdictional issues, and
      the preparation of a case is covered in chapter eleven, which extends
      "A Guide to Forensic Testimony" by Smith and Bace (cf. BKGDFOTS.RVW).

      For anyone just becoming involved in digital forensics, the book is an
      excellent introduction and overview of the field in its proper
      context. For those already involved, this manual is both a solid
      reminder of what needs to be taught to those becoming involved in
      computer forensics, and also a resource for a number of areas that the
      individual specialist may not cover every day. Despite the age of the
      work, in this fast changing environment, Shinder has produced a text
      of classic depth and lasting value. (Hopefully Syngress will get her
      to produce updates on a regular basis.)

      copyright Robert M. Slade, 2006 BKSOCCFH.RVW 20060809

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Are you sure that [nine nine nine nine nine nine is] random?
      That's the problem with randomness. You can never be sure.
      Dictionary of Information Security www.syngress.com/catalog/?pid=4150
    Your message has been successfully submitted and would be delivered to recipients shortly.