Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Begin at the Beginning

Even back in the day of Windows NT, logs were important. This might surprise some of you who have experience with Windows NT, but it is true. The difficulty with logs from that operating system is the way in which they were stored. Logs from the Windows NT era often stored little (but important) bits of information on various computers. Thus, investigations that spanned a large number of nodes across a geographically diverse area were exponentially more difficult. This distributed log storage ended with the introduction of Windows 2000. Not only were Windows 2000 logs more aggregated, but they contained far greater detail. In the investigation of computer intrusions, details are the investigator’s best friend (well, that and ...
