February 20th, 2004 07:03 PM
Can anyone give me any leads on how or where to obtain information regarding computer forensics? I would like to pursue this but I am not having much luck finding any info. Is a formal education really needed?
February 20th, 2004 07:08 PM
Can anyone give me any leads on how or where to obtain information regarding computer forensics?
Computer forensics and incident handling: this field needs experience, a lot of it. People generally do not like to employ persons with no experience as their forensic expert. I believe if you seriously want to pursue it as a career, a formal degree/diploma will be a great boost.
A quick search at Amazon shows the following books
February 20th, 2004 07:44 PM
February 20th, 2004 11:36 PM
Google doesn't tell you much, so that wouldn't necessarily be my first choice for info.
Forensics in itself is not that difficult. The difficult part is defending your test results and testing methods while being grilled by an attorney in court. Collecting the evidence is only a small part of the job. One also needs to know the proper methods for gathering and protecting the integrity of evidence. You need to follow the same rules of evidence as any investigative body.
There are a few certifications for computer forensics, and a few colleges are offering degrees, but they are few and far between (the field is still relatively new).
IMHO, you don't need a college degree to pursue a career in forensics, but you had better have lots of verifiable experience, and you better know what you are talking about. The first time getting torn apart on the witness stand, and that's the end of your forensics career.
As far as getting actual experience, a strong grasp of all operating systems is a must. You could be a Windows forensics expert, but should you ever run into a Linux box, you will have to pay someone else to do your job... besides, Linux has tons of cool and free forensics tools... so from a forensics standpoint, you would want to learn some Linux anyway. (My first experience with Linux was Knoppix-STD, which is basically a live forensics distro.)
Before just checking out books, keep in mind that many of them are crap... read the reviews. I have one forensics book that spends a lot of time discussing hacking groups and military efforts to thwart hackers, which is interesting, but not why I bought the book. Anything by Ed Skoudis is good. The folks at Foundstone put out a few good books (plus a few good tools).
Getting forensic experience is as simple as setting up a test box, infecting it, and figuring out what you . Ok, not really, most of it is learning how to use the tools, and learning what tool to use when. And a lot of poking around in files to see what you can find.
I like hanging out here because I learn how systems get exploited, and it helps me know where to look if I run into a problem. I've picked up a good bit of security knowledge while I've been at it also.
A background in criminal justice is also helpful.
If you have any more questions, feel free to PM me... I can do better than "Google for it".
February 21st, 2004 01:52 AM
There's also a bunch of websites out there that offer tools to play with as well. I've never played with any of these myself, but people I know say they're pretty good.
Open Source Forensics
Local Area Security
Most of the above have ISOs for bootable CDs, so if you've got a broadband connection, a burner, and a spare computer sitting around, download a few of these and play around. One of these days, I'll get around to doing the same. Also, report back and tell me how they are...
February 21st, 2004 04:39 AM
February 23rd, 2004 04:25 PM
Thanks for everyone's input on this, this will definitely get me started in the right direction.
October 31st, 2005 10:22 PM
You may also want to check out:
Computer Forensics Training at InfoSec Institute: http://www.infosecinstitute.com/courses/computer_forensics_training.html