Fight crime. Unravel incidents... one byte at a time. This paper is from the SANS Computer Forensics and e-Discovery site. Reposting is not permited without express written permission.
Copyright SANS Institute Author Retains Full Rights
Interested in learning more? Check out the list of upcoming events offering "Advanced Computer Forensic Analysis and Incident Response (Forensics 508)" at http://computer-forensics.sans.orghttp://computer-forensics.sans.org/events/