Book Review: Digital Forensics with Open Source Tools
[Jun. 18th, 2011, 01:41 pm]
Recently I got a copy of Digital Forensics with Open Source Tools by Cory Altheide and Harlan Carvey. It's a good compendium of open source forensics tools. They are broken up by task and operating system, with a brief introduction to each topic. The open source software (OSS) for each is explained and demonstrated with screenshots and examples.
This isn't a textbook on how to do forensics, but instead a guide on how to use OSS tools to get the job done. I'd recommend that readers who are new to forensics read this book but then flesh out their knowledge with something more in-depth before tackling a full case. This is not a book about forensic concepts, but about the tools.
There was something I felt was missing from the book. The nature of OSS means that communicating with and getting support from the developers is vastly different than other projects. OSS projects are usually maintained by volunteers. This is a good thing in that they are not restricted by big company bureaucracy, but it's also a bad thing in that they don't have the support of a big company. There are no guarantees about what kind of help you're going to get. Some day I need to write a post entitled, "How to get free work from your open source developer" or "How to keep your open source developer from wanting to brain you with a car battery." On second thought, that could be the title of my book. Hmm. Long story short: You're asking somebody you've never met to do something for you for free. Be nice.