“This is a must-have work for anybody in information security, digital forensics, or involved with incident handling. As we move away from traditional disk-based analysis into the interconnectivity of the cloud, Sherri and Jonathan have created a framework and roadmap that will act as a seminal work in this developing field.”
– Dr. Craig S. Wright (GSE), Asia Pacific Director at Global Institute for Cyber Security + Research.
“It’s like a symphony meeting an encyclopedia meeting a spy novel.”
–Michael Ford, Corero Network Security
On the Internet, every action leaves a mark–in routers, firewalls, web proxies, and within network traffic itself. When a hacker breaks into a bank, or an insider smuggles secrets to a competitor, evidence of the crime is always left behind.
Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace.Carve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history–and cached web pages, too–from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire.
Throughout the text, step-by-step case studies guide you through the analysis of network-based evidence. You can download the evidence files from the authors’ web site (lmgsecurity.com), and follow along to gain hands-on experience.
Hackers leave footprints all across the Internet. Can you find their tracks and solve the case? Pick up Network Forensics and find out.
Table of contents
- Cover Page
- Title Page
- Copyright Page
- Dedication Page
- About the Authors
- Part I: Foundation
- Part II: Traffic Analysis
- Part III: Network Devices and Servers
- Part IV: Advanced Topics
- Title: Network Forensics: Tracking Hackers through Cyberspace
- Release date: June 2012
- Publisher(s): Pearson
- ISBN: 9780132565110
You might also like
Practical Packet Analysis, 3rd Edition
Wireshark is the world's most popular network sniffer that makes capturing packets easy, but it won't …
In Penetration Testing, security researcher and trainer Georgia Weidman provides you with a survey of important …
The Web Application Hacker's Handbook, 2nd Edition
The highly successful security book returns with a new edition, completely updated Web applications are the …
Linux Basics for Hackers
If you’re getting started along the exciting path of hacking, cybersecurity, and pentesting, Linux Basics for …