San Francisco, CA (October 14, 2016)—When forensic investigations involve digital activity, the proper handling of media evidence is critical. Digital forensic investigators acquire, preserve, and manage digital evidence to support civil and criminal cases, examine policy violations, resolve disputes, and analyze cyber attacks. Practical Forensic Imaging ($49.95, 320 pp., September 2016), a new book from No Starch Press, takes a detailed look at how to use open source command line tools to secure and manage digital evidence—something that is becoming increasingly important with the growth of private sector forensic labs. This is the first book to focus entirely on the forensic acquisition of modern storage media, making it an incomparable resource for digital forensics professionals.
In Practical Forensic Imaging, cybercrime and digital forensics expert Bruce Nikkel guides readers through the entire forensic acquisition process, providing practical scenarios that show, step-by-step, how to use Linux-based tools to acquire and manage forensic images from a wide range of storage media technologies.
Readers learn how to:
- Image hard disks, SSDs and flash drives, optical disks, magnetic tapes, and legacy technologies
- Protect evidence media with forensic write-blocking technologies
- Preserve evidence with cryptographic hashing, signatures, and timestamps
- Acquire images from protected drives, RAIDs, VMs, and damaged media
- Manage large forensic image files, image formats, and lab storage capacity
- Securely transfer, store, and dispose of forensic images
According to No Starch Press founder Bill Pollock, "This book is essential to understanding how forensic image acquisition works, and includes impressive coverage of Linux tools for imaging storage media, including some that I've personally used to recover lost data."
Practical Forensic Imaging is now available online and in fine bookstores everywhere.
About the Author
Bruce Nikkel is the director of Cyber-Crime / IT Investigation & Forensics at a global financial institution where he has managed the IT forensics unit since 2005. He is an editor for Digital Investigation and has published research in the digital forensics field. Bruce holds a PhD in network forensics.
You Might Also Be Interested In:
Available in fine bookstores everywhere, from http://www.oreilly.com/nostarch, or directly from No Starch Press: http://www.nostarch.com, [email protected], 1-800-420-7240.
About No Starch Press
No Starch Press has published the finest in geek entertainment since 1994, covering topics like LEGO, hacking, science, math, and programming for all ages. Our titles have personality, our authors are passionate, and our books tackle topics that people care about.
O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.
# # #
O'Reilly is a registered trademark of O'Reilly Media, Inc. All other trademarks are the property of their respective owners.