Where Can I Study Computer Forensics? 25
Porthos asks: "Like many in the Slashdot community (though not all), I'm kind of bored at work. With tech work, there's always something more interesting than what I'm doing because I only have a few years experience and a Bachelor's degree. I want to go to grad school to study Computer Forensics, but I haven't a clue about where to start. Have any Slashdot readers taken this path? Are there any major universities that cater to this field? I know that some organizations, such as the FBI, have teams dedicated to Computer Forensics, but what is the rest of the forensics job market like?"
Try UNO (Score:5, Informative)
The college [nebraska.edu]
The university [unomaha.edu]
Check out TU (Score:1)
Check out cis.utulsa.edu
I'm doing a PHD in IA and did the class last semester - it was intense but you won't find better!
Lots of people (Score:3, Interesting)
If you watch enough episodes of The New Detectives [discovery.com], you'll see them figure out how to rescue data off of badly beaten and formatted floppies.
Try Utica (Score:2, Informative)
Strong backgrounds (Score:3, Informative)
RIT (Score:2)
Right here baby (Score:2, Informative)
On-Line articles, LinuxForensics.com, et al. (Score:2)
a US or UK source, one - possibly from the AG
Dep't (US) - went into the practical computer
forensic aspects of crime-scene investigation
- with topics tied to fevices that might hold
info useful to the investigation, and bits on
how to preserve it.
At local police expo's, I've seen small stand-
alone hard-disk mirroring devices.
And there was at least one article (again. on-
line) embracing Linux as the op sys of choice
for computer forensics.
Google is your friend here
Try Michigan State (Score:1)
Wanna get their attention? (Score:4, Funny)
Think of what kind of work you want to do (Score:3, Interesting)
Depending on what kind of work you're looking to eventually get into, consider trying to get a job at an outfit that already does computer forensics.
Australia... (Score:3, Interesting)
University of Virginia (Score:2)
Don't forget SANS (Score:2, Informative)
I'm surprised that no one has mentionned SANS [sans.org] yet.
A search for "forensics" on their home page brings up a list of many System Forensics tracks held at previous and upcoming conferences.
SANS training is not exactly affordable (unless your employer is paying!), but is well recognized and (in my experience) of excellent quality.
There's Two Parts (Score:2)
There are two parts to computer forensics.
The first is the technical; decrypting drives and files, etc. It's for finding out what someone did.
Then there's behavioral forensics. This is the human side, similar to criminal forensics or criminal psychology.
In my opinion the latter is more useful.
Computer Forensics (Score:1)
For more details, see cis.utulsa.edu
Getting started (Score:3, Informative)
I do some forensics for a large company, though not as much as I'd like. There's a couple of ways to get into it:
I don't know how useful a graduate degree specifically in forensics might be; know what you're doing and have a cert or two and you'll be on your way. Then drop out and hang out your own shingle, but that's for another post...
Coincidental timing? (Score:1)
Sun, other vendors (Score:1, Redundant)
Sun's BigAdmin security FAQs [sun.com] page has articles like "Basic Steps in the Forensic Analysis of Unix systems" and "Responding to Customer's Security Incidents". Some of them are from Sun, some from outside sources.
You might also want to try the Linux documentation project [tldp.org] to find some good help files.
Experience (Score:2)
These guys have an investigative department consisting primarily of ex-cops. They don't do much IT work, if any, but rather come to us. I've found that the most valuable resource in performing forensic investigations is experience, hands down.
The team involves people from a number of ops and engineering groups on a part-time basis (w