Product: 1593277938

This is a much needed book is singularly focused on the use of Linux as a platform for performing computer forensics, in particular, forensic image acquisition and evidence preservation of storage media.

Bruce Nikkel writes well and knowledgeably about this subject. He keeps his focus on the imaging process and he very clearly inows his stuff.

Chapters 1 and 2 cover the essentials of computer storage systems and devices and the basic elements of Linux.

Beyond that, as a reader, you will need something more than a basic knowledge of Linux and a large degree of oc comfort with the Command Line.

Given that, this book is a complete guide to forensic imaging with Linux, including some fairly esoteric subjects such as enabling access to hidden sectors (i.e.. HPA, DCO) and SMART logs.

The experienced computer forensics expert who may be accustomed to using industry-standard commercial tools may be surprised to learn that in terms of the imaging process, everything that may be necessary can be done with free tools.

If you don’t have a working knowledge of Linux, you should and this book may give you the incentive to not only learn Linux, but to use open-source tools for at least some of your imaging needs.

Jerry
Rating: 5
1593277938
Count: 7