Learning network forensics : identify and safeguard your network against both internal and external threats, hackers, and malware attacks
(eBook)
Author
Published
Birmingham, UK : Packt Publishing, 2016.
Format
eBook
ISBN
1785282123, 9781785282126
Physical Desc
1 online resource (1 volume) : illustrations.
Status
Description
Loading Description...
Also in this Series
Checking series information...
More Details
Language
English
Notes
General Note
Includes index.
Description
Identify and safeguard your network against both internal and external threats, hackers, and malware attacks About This Book Lay your hands on physical and virtual evidence to understand the sort of crime committed by capturing and analyzing network traffic Connect the dots by understanding web proxies, firewalls, and routers to close in on your suspect A hands-on guide to help you solve your case with malware forensic methods and network behaviors Who This Book Is For If you are a network administrator, system administrator, information security, or forensics professional and wish to learn network forensic to track the intrusions through network-based evidence, then this book is for you. Basic knowledge of Linux and networking concepts is expected. What You Will Learn Understand Internetworking, sources of network-based evidence and other basic technical fundamentals, including the tools that will be used throughout the book Acquire evidence using traffic acquisition software and know how to manage and handle the evidence Perform packet analysis by capturing and collecting data, along with content analysis Locate wireless devices, as well as capturing and analyzing wireless traffic data packets Implement protocol analysis and content matching; acquire evidence from NIDS/NIPS Act upon the data and evidence gathered by being able to connect the dots and draw links between various events Apply logging and interfaces, along with analyzing web proxies and understanding encrypted web traffic Use IOCs (Indicators of Compromise) and build real-world forensic solutions, dealing with malware In Detail We live in a highly networked world. Every digital device - phone, tablet, or computer is connected to each other, in one way or another. In this new age of connected networks, there is network crime. Network forensics is the brave new frontier of digital investigation and information security professionals to extend their abilities to catch miscreants on the network. The book starts with an introduction to the world of network forensics and investigations. You will begin by getting an understanding of how to gather both physical and virtual evidence, intercepting and analyzing network data, wireless data packets, investigating intrusions, and so on. You will further explore the technology, tools, and investigating methods using malware forensics, network tunneling, and behaviors. By the end of the book, you will gain a complete understanding of how to su...
Reviews from GoodReads
Loading GoodReads Reviews.
Citations
APA Citation, 7th Edition (style guide)
Datt, S. (2016). Learning network forensics: identify and safeguard your network against both internal and external threats, hackers, and malware attacks . Packt Publishing.
Chicago / Turabian - Author Date Citation, 17th Edition (style guide)Datt, Samir. 2016. Learning Network Forensics: Identify and Safeguard Your Network against Both Internal and External Threats, Hackers, and Malware Attacks. Packt Publishing.
Chicago / Turabian - Humanities (Notes and Bibliography) Citation, 17th Edition (style guide)Datt, Samir. Learning Network Forensics: Identify and Safeguard Your Network against Both Internal and External Threats, Hackers, and Malware Attacks Packt Publishing, 2016.
MLA Citation, 9th Edition (style guide)Datt, Samir. Learning Network Forensics: Identify and Safeguard Your Network against Both Internal and External Threats, Hackers, and Malware Attacks Packt Publishing, 2016.
Note! Citations contain only title, author, edition, publisher, and year published. Citations should be used as a guideline and should be double checked for accuracy. Citation formats are based on standards as of August 2021.
Staff View
Grouped Work ID
91ea8fac-e0e6-10cb-bfb4-e4eea464d463-eng
Grouping Information
| Grouped Work ID | 91ea8fac-e0e6-10cb-bfb4-e4eea464d463-eng |
|---|---|
| Full title | learning network forensics identify and safeguard your network against both internal and external threats hackers and malware attacks |
| Author | datt samir |
| Grouping Category | book |
| Last Update | 2024-09-06 16:31:08PM |
| Last Indexed | 2024-09-20 03:29:14AM |
Book Cover Information
| Image Source | syndetics |
|---|---|
| First Loaded | Sep 13, 2024 |
| Last Used | Sep 18, 2024 |
Marc Record
| First Detected | Jul 29, 2024 04:02:17 PM |
|---|---|
| Last File Modification Time | Sep 06, 2024 04:36:52 PM |
MARC Record
| LEADER | 08121cam a2200577 i 4500 | ||
|---|---|---|---|
| 001 | ocn945637637 | ||
| 003 | OCoLC | ||
| 005 | 20240830103855.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 160328s2016 enka o 001 0 eng d | ||
| 015 | |a GBB6G3417|2 bnb | ||
| 016 | 7 | |a 018010441|2 Uk | |
| 019 | |a 942842479|a 944156584|a 987426725|a 1259180621 | ||
| 020 | |a 1785282123|q (electronic bk.) | ||
| 020 | |a 9781785282126|q (electronic bk.) | ||
| 020 | |z 1782174907 | ||
| 020 | |z 9781782174905 | ||
| 035 | |a (OCoLC)945637637|z (OCoLC)942842479|z (OCoLC)944156584|z (OCoLC)987426725|z (OCoLC)1259180621 | ||
| 037 | |a 3436E245-5507-4D40-A60F-08FDD9860BF5|b OverDrive, Inc.|n http://www.overdrive.com | ||
| 037 | |a CL0500000723|b Safari Books Online | ||
| 040 | |a UMI|b eng|e rda|e pn|c UMI|d IDEBK|d OCLCF|d TEFOD|d N$T|d DEBSZ|d N$T|d KSU|d COO|d DEBBG|d YDXCP|d OCLCQ|d VT2|d REB|d UOK|d CEF|d NLE|d UKMGB|d AGLDB|d IGB|d RDF|d QGK|d OCLCO|d OCLCQ|d OCLCO|d OCLCL|d OCLCQ | ||
| 049 | |a FMGA | ||
| 050 | 4 | |a TK5105.59 | |
| 082 | 0 | 4 | |a 005.8|2 23 |
| 100 | 1 | |a Datt, Samir,|e author. | |
| 245 | 1 | 0 | |a Learning network forensics :|b identify and safeguard your network against both internal and external threats, hackers, and malware attacks /|c Shameer Kunjumohamed, Hamidreza Sattari. |
| 246 | 3 | 0 | |a Identify and safeguard your network against both internal and external threats, hackers, and malware attacks |
| 264 | 1 | |a Birmingham, UK :|b Packt Publishing,|c 2016. | |
| 300 | |a 1 online resource (1 volume) :|b illustrations. | ||
| 336 | |a text|b txt|2 rdacontent | ||
| 337 | |a computer|b c|2 rdamedia | ||
| 338 | |a online resource|b cr|2 rdacarrier | ||
| 347 | |a text file | ||
| 490 | 1 | |a Community experience distilled | |
| 500 | |a Includes index. | ||
| 505 | 0 | |a Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Becoming Network 007s; 007 characteristics in the network world; Bond characteristics for getting to satisfactory completion of the case; The TAARA methodology for network forensics; Identifying threats to the enterprise; Internal threats; External threats; Data breach surveys; Locard's exchange principle; Defining network forensics; Differentiating between computer forensics and network forensics; Strengthening our technical fundamentals; The seven-layer model | |
| 505 | 8 | |a The TCP/IP modelUnderstanding the concept of interconnection between networks/Internet; Internet Protocol (IP); Structure of an IP packet; Transmission Control Protocol (TCP); User Datagram Protocol (UDP); Internet application protocols; Understanding network security; Types of threats; Internal threats; External threats; Network security goals; Confidentiality; Integrity; Availability; How are networks exploited?; Digital footprints; Summary; Chapter 2: Laying Hands on the Evidence; Identifying sources of evidence; Evidence obtainable from within the network | |
| 505 | 8 | |a Evidence from outside the networkLearning to handle the evidence; Rules for the collection of digital evidence; Rule 1: never mishandle the evidence; Rule 2: never work on the original evidence or system; Rule 3: document everything; Collecting network traffic using tcpdump; Installing tcpdump; Understanding tcpdump command parameters; Capturing network traffic using tcpdump; Collecting network traffic using Wireshark; Using Wireshark; Collecting network logs; Acquiring memory using FTK Imager; Summary; Chapter 3: Capturing & Analyzing Data Packets; Tapping into network traffic | |
| 505 | 8 | |a Passive and active sniffing on networksPacket sniffing and analysis using Wireshark; Packet sniffing and analysis using NetworkMiner; Case study -- tracking down an insider; Summary; Chapter 4: Going Wireless; Laying the foundation -- IEEE 802.11; Understanding wireless protection and security; Wired equivalent privacy; Wi-Fi protected access; Wi-Fi Protected Access II; Securing your Wi-Fi network; Discussing common attacks on Wi-Fi networks; Incidental connection; Malicious connection; Ad hoc connection; Non-traditional connections; Spoofed connections; Man-in-the-middle (MITM) connections | |
| 505 | 8 | |a The denial-of-service (DoS) attackCapturing and analyzing wireless traffic; Sniffing challenges in a Wi-Fi world; Configuring our network card; Sniffing packets with Wireshark; Analyzing wireless packet capture; Summary; Chapter 5: Tracking an Intruder on the Network; Understanding Network Intrusion Detection Systems; Understanding Network Intrusion Prevention Systems; Modes of detection; Pattern matching; Anomaly detection; Differentiating between NIDS and NIPS; Using SNORT for network intrusion detection and prevention; The sniffer mode; The packet logger mode | |
| 520 | |a Identify and safeguard your network against both internal and external threats, hackers, and malware attacks About This Book Lay your hands on physical and virtual evidence to understand the sort of crime committed by capturing and analyzing network traffic Connect the dots by understanding web proxies, firewalls, and routers to close in on your suspect A hands-on guide to help you solve your case with malware forensic methods and network behaviors Who This Book Is For If you are a network administrator, system administrator, information security, or forensics professional and wish to learn network forensic to track the intrusions through network-based evidence, then this book is for you. Basic knowledge of Linux and networking concepts is expected. What You Will Learn Understand Internetworking, sources of network-based evidence and other basic technical fundamentals, including the tools that will be used throughout the book Acquire evidence using traffic acquisition software and know how to manage and handle the evidence Perform packet analysis by capturing and collecting data, along with content analysis Locate wireless devices, as well as capturing and analyzing wireless traffic data packets Implement protocol analysis and content matching; acquire evidence from NIDS/NIPS Act upon the data and evidence gathered by being able to connect the dots and draw links between various events Apply logging and interfaces, along with analyzing web proxies and understanding encrypted web traffic Use IOCs (Indicators of Compromise) and build real-world forensic solutions, dealing with malware In Detail We live in a highly networked world. Every digital device - phone, tablet, or computer is connected to each other, in one way or another. In this new age of connected networks, there is network crime. Network forensics is the brave new frontier of digital investigation and information security professionals to extend their abilities to catch miscreants on the network. The book starts with an introduction to the world of network forensics and investigations. You will begin by getting an understanding of how to gather both physical and virtual evidence, intercepting and analyzing network data, wireless data packets, investigating intrusions, and so on. You will further explore the technology, tools, and investigating methods using malware forensics, network tunneling, and behaviors. By the end of the book, you will gain a complete understanding of how to su... | ||
| 588 | |a Description based on online resource; title from cover page (Safari, viewed March 24, 2016). | ||
| 650 | 0 | |a Computer networks|x Security measures.|0 http://id.loc.gov/authorities/subjects/sh94001277 | |
| 650 | 0 | |a Local area networks (Computer networks)|x Security measures.|0 http://id.loc.gov/authorities/subjects/sh94000861 | |
| 650 | 0 | |a Business enterprises|x Computer networks|x Security measures.|0 http://id.loc.gov/authorities/subjects/sh95010367 | |
| 650 | 0 | |a Computer crimes|x Investigation.|0 http://id.loc.gov/authorities/subjects/sh85029493 | |
| 758 | |i has work:|a Learning Network Forensics (Text)|1 https://id.oclc.org/worldcat/entity/E39PD33DYQKcfjDQx8MpT93M6C|4 https://id.oclc.org/worldcat/ontology/hasWork | ||
| 776 | |z 1-78217-490-7 | ||
| 830 | 0 | |a Community experience distilled.|0 http://id.loc.gov/authorities/names/no2011030603 | |
| 856 | 4 | 0 | |u https://www.aclib.us/OReilly |