Monday, September 5, 2011

Road to CCE, Pt. 3: Review of Digital Forensics with Open Source Tools

     "Digital Forensics with Open Source Tools" (DFwOST), by Cory Altheide and Harlan Carvey, is an excellent resource for a beginning forensics student, I feel.  I am so happy that I decided to pick up this book; it has proven to be one of the best resources I now have.  This book reads extremely well, as the information it contains is concise and to the point.  DFwOST is certainly a value and I can see myself returning to it in the coming months.  

     As far as the content of the book is concerned, the authors provide a wealth of knowledge covering the basics of digital forensics.  The beginning chapter goes over what open source is and how it's going to relate to the book.  The next chapter then discusses the differences in choosing a host operating system (mainly Windows vs Linux).  Chapters 3 through 8 analyze varying topics of digital forensics like file system analysis, points of analysis for varying operating systems, Internet artifacts, and file analysis.  These chapters hold a lot of information relating to the multiple points of interest in digital forensics, and while discussing the topics the authors provide the reader with examples of analysis with popular open source projects.  The final chapter then offers the reader insight into how to utilize the various discussed tools with better efficiency, as well as the pros and cons of graphical user interfaces versus command line interfaces.  

     Overall, I feel like this is one of the best resources for learning about digital forensics because it provides great information along with practical knowledge of how to use the information.  It's easy enough to follow along with the reading while testing these tools with your own test lab.  The authors often provide easy-to-follow installation methods, which can often be valuable when dealing with some open source projects.  If you're looking to get into forensics more or even just learn about current open source projects going on in the forensics world, I would recommend you go out and pick up this book.  I feel like this book helped me take the knowledge I've learned from other books I've discussed in this blog and transform it into practical knowledge, as it's easy to get access to these tools and test them for myself without spending money (a plus for any college student).