Windows Forensics and Incident Recovery by Harlan Carvey

Defining the Issue

When I first started writing this book, I sat down and tried to come up with a good reason for writing it. Was there a particular problem that I was trying to solve or address? What was I going to say, and why would I say it? The “how” would come later, as I began writing. The question became, why was I writing the book?

I've seen through personal experience and through reading a variety of online resources that many times Windows administrators respond to incidents in an ineffective manner, if at all. For whatever reason, a good deal of mystery seems to surround Windows systems that are suspected to have been compromised. In some cases, the system really isn't compromised at all. Rather, files, processes, or open ports that ...
