Windows Forensics and Incident Recovery
From: Joe Klemmer
Date: Tue, 09 Nov 2004 22:37:15 -0500

Windows Forensics and Incident Recovery
Posted by timothy on Tuesday November 09, @16:26

dba599 (Mark McKinnon) submits this review of Harlan Carvey's Windows
Forensics and Incident Recovery, writing "This book takes an unusual
approach to computer forensics in that it deals only with live analysis
of the system: the compromised computer is left powered on and
everything is running. (Compare to a dead analysis, for which the
computer is powered off and the hard drive's contents are then
analyzed.)" Read on for the rest of McKinnon's review.