This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."
Download it now to read this article plus other related content.
"The biggest thing is to be prepared, know your decision trees and when it comes to forensics, hands off until an expert is there," Jenkins says.
|Looking for forensics help?|
Helpful tips are a few clicks away
High Technology Crime Investigation Association. Promotes the exchange of information about investigative and security techniques.
The SANS Institute. Offers the GIAC Certified Forensics Analyst credential. Site lists GCFA certified professionals.
International Information Systems Forensics Association (IISFA). Nonprofit organization that promotes the discipline of forensics. Offers the Certified Information Forensics Investigator certification.
The CERT forensics team. CERT is part of the Software Engineering Institute at Carnegie Mellon University. Resources include computer forensics guides for first responders.
International Society of Forensic Computer Examiners. A private Virginia company that offers the Certified Computer Examiner certification.
U.S. Department of Justice, Computer Crime and Intellectual Property Section. Provides guidelines on how to report cybercrimes as well as searching and seizing computers and obtaining electronic evidence in criminal investigations.
National Cyber-Forensics and Training Alliance. A public-private partnership that facilities training, promotes security awareness and conducts forensic analysis.
This was first published in September 2007