Using Computer Forensics When Investigating System Attacks 
by Joel Weise and Brad Powell
April, 2005
This Sun BluePrints Online article describes how to use computer forensics when investigating attacks on a computer system. Computer forensics is an approach that helps investigators identify the source of an attack on an organization's systems, and then assess and recover from any damage resulting from that attack.
Computer forensic investigations must be conducted in such a way that the information collected can be introduced as evidence in a court of law during the criminal prosecution of the attacker. Failure to follow guidelines for handling evidence might preclude an organization from successfully prosecuting the attacker(s). Although not all computer forensic investigations lead to prosecution, organizations should always collect evidence using a methodology that can stand up in a court of law.