Product: 1597495867

I’m not a professional digital forensics practitioner. I don’t investigate. My primary interest is in data recovery following hard drive crashes, accidental deletion and other user-induced mishaps. I am very knowledgeable about Linux and already have experience with some of the tools mentioned in the book, so that puts me somewhere between beginner and experienced forensics practitioner. This book is written for both–though not necessarily for tech newbies, as evidenced by many of the Vine reviewers who apparently had no idea what they were getting into when they opened this book.

As a longtime Linux user, it’s refreshing and incredibly useful to have a comprehensive guide to open source alternatives to the expensive commercial forensics tools that often don’t even work in Linux. In the past, I’ve had to rely on web searching, trial-and-error with various tools, navigating through outdated websites to find instructions I need, and trying to make sense of cryptic man pages. This book would have saved me countless hours of frustration by telling me what tools would work best for the need at hand and giving me practical instruction on how to best use those tools.

New forensics practitioners will find this book to be a great cram course on the subject of digital forensics and the open source tools available. Experienced professionals may be frustrated at times by the explanations aimed at the beginners, but they will find the book to be an excellent reference and will probably find a lot of open source alternatives to commercial products they may already be familiar with.

I won’t get into specifics of what the book covers since other reviewers have done that, but I will point out that the authors have worked hard to make this book as comprehensive as possible, covering forensics on Windows, Mac and Linux systems as well as Internet artifacts and file analysis of the most common file types (though the tools will help in the analysis of pretty much any file type). The book also covers emerging areas of forensics, such as building timelines, as well as free but non-open tools that are noteworthy and may be of use to readers.

This is a great book to have on your shelf if you are involved in any way with digital forensics, data recovery or computer security. I would suggest some familiarity with Linux, and I would not recommend this book to anyone who doesn’t have at least a basic understanding of the command line, file systems, operating systems, etc.
Rating: 5
Count: 10