Chapter 10. Server-side Compromise
This is the moment of truth. Now you are ready to see NSM in action. In this chapter, weâll put the theory, tools, and process to work in a simple compromise scenario. So far, youâve implemented a sensor using SO and collected some NSM data. Now you plan to analyze the available evidence.
This chapter demonstrates a server-side compromiseâone of the major categories of malicious network activity youâre likely to encounter. The next chapter demonstrates a client-side compromise, which may be even more popular than the server-side variant. We begin with a server-side compromise because it is conceptually ...
Get The Practice of Network Security Monitoring now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.