Tuesday, 20 September 2011

“Network Forensics”: A Review

I have had the good fortune to have been asked to proof and review a forthcoming book by Sherri Davidoff and Jonathan Ham titled Network Forensics. I say good fortune as this is one of the best forensics books I have read and I have read more than a few. More so, this has to be the most comprehensive network forensic tome available.

This book is clear and well written and constructed with many excellent interludes and examples dispersed throughout.

The authors take the reader on a journey through the network layers, building a deep comprehension of this at times difficult topic. I have to say, this is THE reference volume for anybody involved with incident handling and digital forensics. As we move away from traditional systems of isolated systems and disk-based analysis of compromised systems into the interconnectivity of the cloud, Sherri and Jonathan have created a framework and roadmap that will act as a seminal work in this developing field.

The book starts with an easily comprehended introduction into networking and networked systems and takes the reader on a journey through the protocols before it arrives at its destination of imparting an incredible set of knowledge concerning the analysis of network-based attacks and incidents. The quantity of information provided is outstanding whilst still managing to remain clear and unambiguous. This book has everything the aspiring network forensic professional needs to know.

This is a must have work for anybody in information security, digital forensics or involved with incident handling. It is not simply a reference, it is a methodology. As they state, “a well-trained forensic investigator should be familiar with a variety of tools and techniques”. Not only do they show you the value of the various tools, they create a framework that instructs the reader when to use these tools.
The best compliment I can give them is that I will be using their book as the foundational text in creating a Masters level course in Network Forensics to complement the existing Masters degree in Digital Forensics that we offer at Charles Sturt University.

2 comments:

Paul Bryant said...

Could you please post the publisher and ISBN number for the book?

Dr Craig S Wright GSE said...

Addison-Wesley
Network Forensics: Catching Hackers on the Wire

Sherri Davidoff and Jonathan Ham

I do not have the ISBN as yet.