Skip to Main Content
Inside Cyber Warfare
book

Inside Cyber Warfare

by Jeffrey Carr
December 2009
Intermediate to advanced content levelIntermediate to advanced
232 pages
7h 30m
English
O'Reilly Media, Inc.
Content preview from Inside Cyber Warfare

Chapter 9. Investigating Attribution

A well-designed, defensible network should have a number of monitoring elements available for forensic analysis when it is attacked or compromised. For example, most networks will have deployed intrusion detection systems, firewall and router traffic logs, and access logs contained on the server itself. There exists a bevy of tools and techniques that can allow an investigator to gain further insight using open source data. This includes routing information from the border gateway protocol (BGP),[36] domain name system (DNS), darknet monitoring, blacklist services (such as those offered by Spamhaus, CBL, etc.), and, to a lesser degree, Internet registry information (e.g., ARIN, RIPE, APNIC, etc.).

Performing a traceroute on each IP will show an experienced computer security engineer where the attacks originated from and what path the packets took to get to the target.

This chapter takes a rudimentary look at these computer forensic tools by way of some real-world examples.

Using Open Source Internet Data

The following serves as an introduction to several key internetworking concepts. This is fairly complex subject matter, and will be discussed only at a very high level here.

The border gateway protocol (BGP) is widely characterized as the “glue of the Internet.” Every Internet service provider uses BGP to move packets between source and destination nodes. Essentially, each BGP “speaking” router will dynamically maintain a table of network addresses, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Inside Cyber Warfare, 2nd Edition

Inside Cyber Warfare, 2nd Edition

Jeffrey Carr
Cyber Warfare

Cyber Warfare

Jason Andress, Steve Winterfeld
Cyber Warfare, 2nd Edition

Cyber Warfare, 2nd Edition

Jason Andress, Steve Winterfeld
The Basics of Cyber Warfare

The Basics of Cyber Warfare

Jason Andress, Steve Winterfeld

Publisher Resources

ISBN: 9781449377229Errata Page