Verfügbarkeit: File system forensic analysis

File system forensic analysis:

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Carrier, Brian (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Upper Saddle River, NJ [u.a.] Addison-Wesley 2011
Ausgabe:	[Nachdr.]
Schlagworte:	Computerforensik Dateisystem
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	Hier auch später erschienene, unveränderte Nachdrucke
Beschreibung:	XX, 569 S. Ill., graph. Darst. 24cm
ISBN:	0321268172 9780321268174

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV039723378
003	DE-604
005	20140730
007	t
008	111124s2011 ad\|\| \|\|\|\| 00\|\|\| eng d
020			\|a 0321268172 \|9 0-321-26817-2
020			\|a 9780321268174 \|9 978-0-321-26817-4
035			\|a (OCoLC)767793131
035			\|a (DE-599)BVBBV039723378
040			\|a DE-604 \|b ger
041	0		\|a eng
049			\|a DE-706 \|a DE-739 \|a DE-29T \|a DE-573
084			\|a ST 277 \|0 (DE-625)143643: \|2 rvk
100	1		\|a Carrier, Brian \|e Verfasser \|0 (DE-588)131765736 \|4 aut
245	1	0	\|a File system forensic analysis \|c Brian Carrier
250			\|a [Nachdr.]
264		1	\|a Upper Saddle River, NJ [u.a.] \|b Addison-Wesley \|c 2011
300			\|a XX, 569 S. \|b Ill., graph. Darst. \|c 24cm
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
500			\|a Hier auch später erschienene, unveränderte Nachdrucke
650	0	7	\|a Computerforensik \|0 (DE-588)4774034-6 \|2 gnd \|9 rswk-swf
650	0	7	\|a Dateisystem \|0 (DE-588)4464537-5 \|2 gnd \|9 rswk-swf
689	0	0	\|a Dateisystem \|0 (DE-588)4464537-5 \|D s
689	0	1	\|a Computerforensik \|0 (DE-588)4774034-6 \|D s
689	0		\|8 1\p \|5 DE-604
856	4	2	\|m Digitalisierung UB Passau \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=024571426&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-024571426
883	1		\|8 1\p \|a cgwrk \|d 20201028 \|q DE-101 \|u https://d-nb.info/provenance/plan#cgwrk

Datensatz im Suchindex

_version_	1804148602966114304
adam_text	Contents Foreword xiii Preface xv Acknowledgments xix Part I Foundations Chapter I Digital Investigation Foundations 3 Digital Investigations and Evidence 3 Digital Crime Scene Investigation Process 5 Data Analysis 10 Overview of Toolkits 13 Summary 15 Bibliography 16 Chapter 2 Computer Foundations 17 Data Organization 17 Booting Process 27 Hard Disk Technology 29 Summary 44 Bibiography 45 Chapter 3 Hard Disk Data Acquisition 47 Introduction 47 Reading the Source Data 49 Writing the Output Data 56 VII A Case Study Using dd 60 Summary 66 Bibliography 66 Part II Volume Analysis Chapter 4 Volume Analysis 69 Introduction 69 Background 70 Analysis Basics 75 Summary 80 Chapter 5 PC-based Partitions 8 1 DOS Partitions 81 Apple Partitions 101 Removable Media 107 Bibliography 109 Chapter 6 Server-based Partitions I I I BSD Partitions 111 Sun Solaris Slices 127 GPT Partitions 139 Summary 145 Bibliography 145 Chapter 7 Multiple Disk Volumes 147 RAID 147 Disk Spanning 156 Bibliography 170 Part III File System Analysis Chapter 8 File System Analysis 1 73 What Is a File System? 173 File System Category 177 Content Category 178 Metadata Category 186 File Name Category 198 Application Category 205 Application-level Search Techniques 206 Specific File Systems 207 Summary 208 Bibliography 209 Chapter 9 FAT Concepts and Analysis 2 1 I Introduction 211 File System Category 213 Content Category 221 Metadata Category 227 File Name Category 239 The Big Picture 244 Other Topics 247 Summary 250 Bibliography 251 Chapter 10 FAT Data Structures 253 Boot Sector 253 FAT32 FSINFO 259 FAT 260 Directory Entries 261 Long File Name Directory Entries 267 Summary 271 Bibliography 271 Chapter I I NTFS Concepts 273 Introduction 273 Everything is a File 274 MFT Concepts 274 MFT Entry Attribute Concepts 279 Other Attribute Concepts 284 Indexes 290 Analysis Tools 296 Summary 297 Bibliography 297 Chapter 12 NTFS Analysis 301 File System Category 301 Content Category 311 Metadata Category 316 File Name Category 333 Application Category 339 The Big Picture 344 Other Topics 348 Summary 349 Bibliography 350 Chapter 13 NTFS Data Structures 351 Basic Concepts 351 Standard File Attributes 359 Index Attributes and Data Structures 369 File System Metadata Files 378 Summary 395 Bibliography 396 Chapter 14 Ext2 and Ext3 Concepts and Analysis 397 Introduction 397 File System Category 399 Content Category 408 Metadata Category 412 File Name Category 423 Application Category 437 The Big Picture 441 Other Topics 445 Summary 447 Bibliography 447 Chapter 15 Ext2 and Ext3 Data Structures 449 Superblock 449 Group Descriptor Tables 455 Block Bitmap 456 Inodes 457 Extended Attributes 462 Directory Entry 467 Symbolic Link 470 Hash Trees Journal Data Structures Summary Bibliography Chapter 16 UFSI and UFS2 Concepts and Analysis Introduction File System Category Content Category Metadata Category File Name Category The Big Picture Other Topics Summary Bibliography Chapter 17 UFSI and UFS2 Data Structures UFSI Superblock UFS2 Superblock Cylinder Group Summary UFSI Group Descriptor UFS2 Group Descriptor Block and Fragment Bitmaps UFSI Inodes UFS2 Inodes UFS2 Extended Attributes Directory Entries Summary Bibliography Appendix A The Sleuth Kit and Autopsy The Sleuth Kit Autopsy Bibliography 470 472 478 478 479 479 481 488 492 497 500 504 506 506 509 509 515 520 521 524 525 527 530 532 534 536 536 537 537 544 545 Index 547
any_adam_object	1
author	Carrier, Brian
author_GND	(DE-588)131765736
author_facet	Carrier, Brian
author_role	aut
author_sort	Carrier, Brian
author_variant	b c bc
building	Verbundindex
bvnumber	BV039723378
classification_rvk	ST 277
ctrlnum	(OCoLC)767793131 (DE-599)BVBBV039723378
discipline	Informatik
edition	[Nachdr.]
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01559nam a2200385 c 4500</leader><controlfield tag="001">BV039723378</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20140730 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">111124s2011 ad\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0321268172</subfield><subfield code="9">0-321-26817-2</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780321268174</subfield><subfield code="9">978-0-321-26817-4</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)767793131</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV039723378</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-706</subfield><subfield code="a">DE-739</subfield><subfield code="a">DE-29T</subfield><subfield code="a">DE-573</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Carrier, Brian</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)131765736</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">File system forensic analysis</subfield><subfield code="c">Brian Carrier</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">[Nachdr.]</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Upper Saddle River, NJ [u.a.]</subfield><subfield code="b">Addison-Wesley</subfield><subfield code="c">2011</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XX, 569 S.</subfield><subfield code="b">Ill., graph. Darst.</subfield><subfield code="c">24cm</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Hier auch später erschienene, unveränderte Nachdrucke</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computerforensik</subfield><subfield code="0">(DE-588)4774034-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Dateisystem</subfield><subfield code="0">(DE-588)4464537-5</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Dateisystem</subfield><subfield code="0">(DE-588)4464537-5</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Computerforensik</subfield><subfield code="0">(DE-588)4774034-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="8">1\p</subfield><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=024571426&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-024571426</subfield></datafield><datafield tag="883" ind1="1" ind2=" "><subfield code="8">1\p</subfield><subfield code="a">cgwrk</subfield><subfield code="d">20201028</subfield><subfield code="q">DE-101</subfield><subfield code="u">https://d-nb.info/provenance/plan#cgwrk</subfield></datafield></record></collection>
id	DE-604.BV039723378
illustrated	Illustrated
indexdate	2024-07-10T00:09:45Z
institution	BVB
isbn	0321268172 9780321268174
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-024571426
oclc_num	767793131
open_access_boolean
owner	DE-706 DE-739 DE-29T DE-573
owner_facet	DE-706 DE-739 DE-29T DE-573
physical	XX, 569 S. Ill., graph. Darst. 24cm
publishDate	2011
publishDateSearch	2011
publishDateSort	2011
publisher	Addison-Wesley
record_format	marc
spelling	Carrier, Brian Verfasser (DE-588)131765736 aut File system forensic analysis Brian Carrier [Nachdr.] Upper Saddle River, NJ [u.a.] Addison-Wesley 2011 XX, 569 S. Ill., graph. Darst. 24cm txt rdacontent n rdamedia nc rdacarrier Hier auch später erschienene, unveränderte Nachdrucke Computerforensik (DE-588)4774034-6 gnd rswk-swf Dateisystem (DE-588)4464537-5 gnd rswk-swf Dateisystem (DE-588)4464537-5 s Computerforensik (DE-588)4774034-6 s 1\p DE-604 Digitalisierung UB Passau application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=024571426&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis 1\p cgwrk 20201028 DE-101 https://d-nb.info/provenance/plan#cgwrk
spellingShingle	Carrier, Brian File system forensic analysis Computerforensik (DE-588)4774034-6 gnd Dateisystem (DE-588)4464537-5 gnd
subject_GND	(DE-588)4774034-6 (DE-588)4464537-5
title	File system forensic analysis
title_auth	File system forensic analysis
title_exact_search	File system forensic analysis
title_full	File system forensic analysis Brian Carrier
title_fullStr	File system forensic analysis Brian Carrier
title_full_unstemmed	File system forensic analysis Brian Carrier
title_short	File system forensic analysis
title_sort	file system forensic analysis
topic	Computerforensik (DE-588)4774034-6 gnd Dateisystem (DE-588)4464537-5 gnd
topic_facet	Computerforensik Dateisystem
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=024571426&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT carrierbrian filesystemforensicanalysis

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge