Linda Volonino - Computer Forensics For Dummies

Computer Forensics For Dummies

by Linda Volonino (Ph.D., MBA, CISSP, ACFE)

and

Reynaldo Anzaldua (MBA, CISSP, EnCE, CHFI, IBM I-Series)

Computer Forensics For Dummies

Published by
Wiley Publishing, Inc.
111 River St.
Hoboken, NJ 07030-5774
www.wiley.com

Copyright 2008 by Wiley Publishing, Inc., Indianapolis, Indiana

Published simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.

Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, Making Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Website may provide or recommendations it may make. Further, readers should be aware that Internet Websites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services, please contact our Customer Care Department within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002.

For technical support, please visit www.wiley.com/techsupport.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Library of Congress Control Number: 2008935815

ISBN: 978-0-470-37191-6

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

About the Authors

Linda Volonino (Ph.D., MBA, CISSP, ACFE) entered the field of computer forensics in 1998 with a Ph.D. and MBA in Information Systems. She's taught computer forensics at the State University of New York at Buffalo School of Law, and to attorneys and state Supreme Court Justices as part of Continuing Legal Education (CLE) programs, and to the FBI. In 2003, Linda was the computer forensics adviser to Michael Battle, then-U.S. Attorney for the Western District of New York. She's a computer forensics investigator and expert witness with Robson Forensic, Inc. working for plaintiff and defense lawyers in civil and criminal cases.

Linda's given many entertaining/frightening seminars, including several in Las Vegas entitled What Goes On in Vegas, Stays. She has co-authored four textbooks; two on information technology, one on information security, and one on computer forensics the latter with Rey Anzaldua and Jana Godwin. She's a member of InfraGard and Program Chair for the Conference on Digital Forensics, Security and Law (CDFSL 2009). She can be reached via her blog at http://computerforensicsonline.wordpress.com/.

Reynaldo Anzaldua (MBA, CISSP, EnCE, CHFI, IBM I-Series) has been doing computer forensics since 1987 when it was only thought of as data recovery and considered an arcane geek skill. He has worked the computer field spectrum from computer repair technician to Information Technology director for various firms domestic and international as well as founding several computer related firms. In his current capacity at South Texas College, Rey created a new degree in Information Security and currently instructs in a wide range of computer security subjects. As part of the community mission of South Texas College, he is also working with the State Bar of Texas to offer Continuing Legal Education (CLE) programs to help attorneys understand computer forensic issues.

Rey is often asked to comment on television, radio, and newspaper regarding topics such as computer forensics, computer security, Internet privacy issues, and identity theft. In addition to regular media, he also gives seminars and guest speaks for various civic organizations.

He is currently helping to advise members of the Texas Legislature on issues regarding computer forensics and security in addition to keeping busy with a small consulting business specializing in computer, crime scene, and DNA forensics. He has worked with clients at the local, State, Federal, and International level over the years on a wide array of forensic cases as well as co-authoring a previous book on computer forensics.

He can be reached via r.anzaldua@csi-worldwide.com , rey@southtexascollege.edu , or http://computerforensicsonline.wordpress.com/.

Dedication

To my parents and children: Each one encourages me in their unique way to keep reaching higher.

Reynaldo Anzaldua

Authors' Acknowledgments

We were most fortunate to have the world's best team working with us. Great thanks to Amy Fandrei, Acquisitions Editor, and Rebecca Senninger, Project Editor.

And very special thanks to our copy editor Becky Whitney and technical editor Brian Koerner. We're grateful to Mary Bednarek, Executive Acquisitions Director of Dummies Tech, for launching the project and Melody Layne, Business Development Account Manager, for putting us into motion. Sincere thanks.

Publisher's Acknowledgments

We're proud of this book; please send us your comments through our online registration form located at www.dummies.com/register/.

Some of the people who helped bring this book to market include the following:

Acquisitions, Editorial, and Media Development

Project Editor: Rebecca Senninger

Acquisitions Editor: Amy Fandrei

Copy Editor: Rebecca Whitney

Technical Editor: Brian Koerner

Editorial Manager: Leah Cameron

Editorial Assistant: Amanda Foxworth

Sr. Editorial Assistant: Cherie Case

Cartoons: Rich Tennant (www.the5thwave.com)

Composition Services

Project Coordinator: Erin Smith