12 PACKET ANALYSIS FOR SECURITY

Although most of this book focuses on using packet analysis for network troubleshooting, a considerable amount of real-world packet analysis is done for security purposes. For example, an intrusion analyst might review network traffic from potential intruders, or a forensic investigator might attempt to ascertain the extent of a malware infection on a compromised host.

Performing packet analysis while investigating security incidents is always a challenging scenario because it involves the unknown element of an attacker-controlled device. You can’t walk over to the attacker’s cubicle to ask a question or baseline ...

Get Practical Packet Analysis, 3rd Edition now with the O’Reilly learning platform.