Network Forensics: Tracking Hackers through Cyberspace
eBook Details:
- Hardcover: 576 pages
- Publisher: WOW! eBook; 1st edition (June 23, 2012)
- Language: English
- ISBN-10: 0132564718
- ISBN-13: 978-0132564717
eBook Description:
Network Forensics: Tracking Hackers through Cyberspace
Network forensics is transforming the way investigators examine computer crime: they have discovered that the network holds far more evidence than could ever be retrieved from a local hard drive. Network forensic skills are in especially short supply, and professionals are flocking to the scarce resources available for mastering these skills. Now, for the first time, there’s a comprehensive and practical book on the subject. Building on their pioneering SANS Institute course, top network forensics experts Jonathan Ham and Sherri Davidoff take readers through an exciting, entertaining, and technically rigorous journey through the skills and principles of successful network investigation. One step at a time, they demonstrate how to recover usable forensic evidence from firewalls, web proxies, IDS, routers, wireless access points, and even raw packet captures.
Hackers leave footprints all across the Internet. Can you find their tracks and solve the case? Pick up Network Forensics: Tracking Hackers through Cyberspace and find out.
Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace.Carve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history and cached web pages, too from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire.
Features
- Presents a proven, start-to-finish methodology for managing any network forensics investigation
- Enables professionals to uncover powerful forensic evidence from routers, firewalls, IDS, web proxies, and many other network devices
- Based on the world’s first comprehensive Network Forensics training course, offered by the SANS Institute – a course that now sells out months in advance
Network forensics is transforming the way investigators examine computer crime: they have discovered that the network holds far more evidence than could ever be retrieved from a local hard drive. Network forensic skills are in especially short supply, and professionals are flocking to the scarce resources available for mastering these skills. Now, for the first time, there’s a comprehensive and practical book on the subject. Building on their pioneering SANS Institute course, top network forensics experts Jonathan Ham and Sherri Davidoff take readers through an exciting, entertaining, and technically rigorous journey through the skills and principles of successful network investigation. One step at a time, they demonstrate how to recover usable forensic evidence from firewalls, web proxies, IDS, routers, wireless access points, and even raw packet captures.
Coverage includes:
- Understanding the unique challenges associated with network investigation
- Mastering the state-of-the-art OSCAR Network Forensics Investigative Methodology
- Acquiring evidence passively, actively, and interactively
- Aggregating, correlating, and analyzing event logs
- Investigating compromised encryption and SSL interception
And much more Every section contains a real-world case study, and the book culminates with a “Capstone” case study walking through an entire investigation from start to finish, and challenging readers to solve the crime themselves.
On the Internet, every action leaves a mark-in routers, firewalls, web proxies, and within network traffic itself. When a hacker breaks into a bank, or an insider smuggles secrets to a competitor, evidence of the crime is always left behind.
Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace.Carve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history and cached web pages, too from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire.
Throughout the text, step-by-step case studies guide you through the analysis of network-based evidence. You can download the evidence files from the authors’ web site (lmgsecurity.com), and follow along to gain hands-on experience.
Hackers leave footprints all across the Internet. Can you find their tracks and solve the case? Pick up Network Forensics: Tracking Hackers through Cyberspace and find out.
[download id=”1331″]