Windows Forensics and Incident Recovery

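This book focuses on forensics and incident recovery techniques in Windows environments, teaching readers through case studies and real-world examples how to recognize and respond to a variety of attacks. It covers multiple versions from Windows Server 2003 to Windows XP and provides a complete incident response toolset.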

*The first book to focus on forensics and incident recovery in a Windows environment
*Teaches through case studies and real-world examples
*Covers Windows Server 2003, Windows 2000, Windows NT, and Windows XP

If you're responsible for protecting Windows systems, firewalls and anti-virus aren't enough. You also need to master incident response, recovery, and auditing. Leading Windows security expert and instructor Harlan Carvey offers a start-to-finish guide to the subject: everything administrators must know to recognize and respond to virtually any attack.

Drawing on his widely acclaimed course, Carvey uses real-world examples to cover every significant incident response, recovery, and forensics technique. He delivers a complete incident response toolset that combines today's best open source and freeware tools, his own exclusive software and scripts, and step-by-step instructions for using them. This book's tools and techniques apply to every current and professional version of Windows: NT, 2000, XP, and Windows Server 2003. Coverage includes:

*Developing a practical methodology for responding to potential attacks
*Preparing your systems to prevent and detect incidents
*Recognizing the signatures of an attack in time to act
*Uncovering attacks that evade detection by Event Viewer, Task Manager, and other Windows GUI tools
*Using the Forensic Server Project to automate data collection during live investigations
*Analyzing live forensics data in order to determine what occurred

http://rapidshare.com/files/40489622/0321200985.rar
http://depositfiles.com/files/1136715