O'Reilly logo

Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3

Beyond the Windows GUI

In Chapter 2, we examined the Microsoft network structure and how it can impact an investigation. In this chapter, we will look at implementation details of the Windows operating systems on an individual computer and explore ways in which an intruder may take advantage of the OS to make your investigation more difficult. By explaining how Windows implements many of its security features, we will show how an attacker can subvert those security features to do evil. We will explore ways in which an attacker can conceal his presence on the system and modify the very tools that administrators use to monitor their network’s security.

Most of us interact with Windows through its graphical user interface (GUI), which ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required