Rating:
(20 reviews)
Author: Diane Barrett
ISBN : 1597495573
New from $37.95
Format: PDF
You can download Free Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments from mediafire, rapishare, and mirror link
Virtualized environments are growing quicker than the predicted pace, and according to O'Reilly's computer book market report, they are the second largest computer book topic in terms of sales for 2008 with a growth of 63%. With more companies using virtual servers and environments, the ability to handle forensic data in this environment will be a necessity. This book provides forensic investigators end-to-end knowledge of examinations in server, desktop, and portable environments, including the leaders in the market: VMware, Microsoft, and Citrix.
- Named a 2011 Best Digital Forensics Book by InfoSec Reviews
- Gives you the end-to-end knowledge needed to identify server, desktop, and portable virtual environments, including: VMware, Parallels, Microsoft, and Sun
- Covers technological advances in virtualization tools, methods, and issues in digital forensic investigations
- Explores trends and emerging technologies surrounding virtualization technology
Download latest books on mediafire and other links compilation Free Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments [Paperback]
- Paperback: 272 pages
- Publisher: Syngress; 1 edition (June 1, 2010)
- Language: English
- ISBN-10: 1597495573
- ISBN-13: 978-1597495578
- Product Dimensions: 0.9 x 7.6 x 9.2 inches
- Shipping Weight: 1 pounds (View shipping rates and policies)
Free Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments
"Virtualization and Forensics" (VAF) offers "a digital forensic investigator's guide to virtual environments" as its subtitle. Eric Cole's introduction says "How do we analyze the [virtual] systems forensically since standard methods no longer work? Let me introduce a key piece of research and literature, VAF." I disagree with Eric's claim: I did not find VAF to be a compelling resource for forensic investigators of virtual environments. If an author writes a book on virtual forensics, I would expert more advice on how to accomplish the task, and less description of virtual environments. Unfortunately, VAF spends most of its time talking about virtual systems and not enough time helping investigators analyze them.
The bulk of VAF either 1) describes virtual systems in generic terms or 2) discusses other people's research regarding virtual environments. One of the few original sections appears in chapter 5, where the authors list artifacts from installation of virtualization software on Windows computers. Besides that chapter, the authors don't directly show how to do much of anything in the way of investigation. For example, on pp 123-4, why don't the authors demonstrate how to acquire memory from a system running ESXi, instead of providing a few sentences? I got the impression that the authors conducted some thought experiments regarding investigating virtual environments, but didn't really have experience in production.
On the quality side, I found some of the screen captures to be way too small. In other cases, I wondered what I was supposed to learn from them. Elsewhere, I wondered about the logic of taking screen captures of netstat output. Why not redirect the output to a file and print that in the text, and better yet, explain what it is supposed to mean?