The Windows Incident Response Blog is dedicated to the myriad information surrounding and inherent to the topics of IR and digital analysis of Windows systems. This blog provides information in support of my books: "Windows Forensic Analysis" (1st thru 4th editions), "Windows Registry Forensics", as well as the book I co-authored with Cory Altheide, "Digital Forensics with Open Source Tools".
7 comments:
Sweet indeed! Is the book going to be available on Syngress again? I like the PDF as it's searchable. I just pre-ordered a hard copy, too, as it's good reading in the living room, away from the computers. Plus, printing the PDF must consume a tree's worth of paper. Hope you're enjoying the holiday season.
Is there a table of contents available for the 2nd edition yet? How is the 2nd edition going to be different from the first?
Not only have the seven available chapters been updated to some degree or another (that is to say, some more than others), I've added two chapters: Tying it all together, and one on free tools not covered in the rest of the book.
I found that one of the biggest hurdles for most folks has been understanding how different chapters of the book can be used together; for example, how would one correlate Registry data during an exam with, say, MSWord doc metadata...something like that.
I've added something to all of the chapters, but like I said, it's to varying degrees...some chapters (1 and 2) don't particularly need a great deal of updating while others (3, 4) may be significantly rewritten.
HTH
Is the book going to be available on Syngress again?
I have no idea.
Most folks don't understand how little input or "control" authors have with respect to their books. I've been taking request after request to Syngress/Elsevier for translations of my book into various languages (Chinese, Portuguese, etc.), only to never hear anything back...
I'd suggest firing off a request to Elsevier.
Thanks Harlan, I also managed to find some more info about it on Elsevier's site. It looks good, and is definitely on my list of must-have books for 09.
Excellent! Just added it to my Amazon wish list. I'm eagerly awaiting the new edition, particularly the tying it all together chapter.
KP
Ken,
My hope is that this chapter will start others posting similar things. For all intents and purposes at this point, it doesn't appear that many analysts look for corroborating data in this fashion.