17. Tools for Attacking Network Security Monitoring

This is not a “hacking book.” The purpose of this book is to help analysts, engineers, and managers build and improve their NSM operations. When trying to analyze traffic, deploy sensors, or plan for the future, it helps to understand some of the tools that adversaries may employ. This chapter discusses several tools and exploits representative of various phases of compromise, with the emphasis on the traffic these tools generate. This will help you identify when such tools are being used against your system.

Throughout the book I've tried to avoid covering material published elsewhere. I continue that theme in this chapter, where you'll find tools other authors have not discussed. Other excellent ...

Get The Tao of Network Security Monitoring Beyond Intrusion Detection now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.