Sherri Davidoff, Jonathan Ham - Network Forensics - Tracking Hackers through Cyberspace [2012, PDF, ENG]

Post by Nik » 27 Dec 2013, 23:03

Network Forensics - Tracking Hackers through Cyberspace

Year: 2012
Author: Sherri Davidoff, Jonathan Ham
Publisher: Prentice Hall
ISBN: 0132564718
Language: English
Format: PDF
Quality: Born-digital (eBook)
Interactive table of contents: Yes
Number of pages: 574
Description: Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace. Carve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history–and cached web pages, too–from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire.

Features -

• Presents a proven, start-to-finish methodology for managing any network forensics investigation
• Enables professionals to uncover powerful forensic evidence from routers, firewalls, IDS, web proxies, and many other network devices
• Based on the world's first comprehensive Network Forensics training course, offered by the SANS Institute - a course that now sells out months in advance

About the Authors

Part I: Foundation
Chapter 1: Practical Investigative Strategies
1.1 Real-World Cases
1.2 Footprints
1.3 Concepts in Digital Evidence
1.4 Challenges Relating to Network Evidence
1.5 Network Forensics Investigative Methodology (OSCAR)
1.6 Conclusion

Chapter 2: Technical Fundamentals
2.1 Sources of Network-Based Evidence
2.2 Principles of Internetworking
2.3 Internet Protocol Suite
2.4 Conclusion

Chapter 3: Evidence Acquisition
3.1 Physical Interception
3.2 Traffic Acquisition Software
3.3 Active Acquisition
3.4 Conclusion

Part II: Traffic Analysis
Chapter 4: Packet Analysis
4.1 Protocol Analysis
4.2 Packet Analysis
4.3 Flow Analysis
4.4 Higher-Layer Traffic Analysis
4.5 Conclusion
4.6 Case Study: Ann’s Rendezvous

Chapter 5: Statistical Flow Analysis
5.1 Process Overview
5.2 Sensors
5.3 Flow Record Export Protocols
5.4 Collection and Aggregation
5.5 Analysis
5.6 Conclusion
5.7 Case Study: The Curious Mr. X

Chapter 6: Wireless: Network Forensics Unplugged
6.1 The IEEE Layer 2 Protocol Series
6.2 Wireless Access Points (WAPs)
6.3 Wireless Traffic Capture and Analysis
6.4 Common Attacks
6.5 Locating Wireless Devices
6.6 Conclusion
6.7 Case Study: HackMe, Inc.

Chapter 7: Network Intrusion Detection and Analysis
7.1 Why Investigate NIDS/NIPS?
7.2 Typical NIDS/NIPS Functionality
7.3 Modes of Detection
7.4 Types of NIDS/NIPSs
7.5 NIDS/NIPS Evidence Acquisition
7.6 Comprehensive Packet Logging
7.7 Snort
7.8 Conclusion
7.9 Case Study: Inter0ptic Saves the Planet (Part 1 of 2)

Part III: Network Devices and Servers
Chapter 8: Event Log Aggregation, Correlation, and Analysis
8.1 Sources of Logs
8.2 Network Log Architecture
8.3 Collecting and Analyzing Evidence
8.4 Conclusion
8.5 Case Study: L0ne Sh4rk’s Revenge

Chapter 9: Switches, Routers, and Firewalls
9.1 Storage Media
9.2 Switches
9.3 Routers
9.4 Firewalls
9.5 Interfaces
9.6 Logging
9.7 Conclusion
9.8 Case Study: Ann’s Coffee Ring

Chapter 10: Web Proxies
10.1 Why Investigate Web Proxies?
10.2 Web Proxy Functionality
10.3 Evidence
10.4 Squid
10.5 Web Proxy Analysis
10.6 Encrypted Web Traffic
10.7 Conclusion
10.8 Case Study: Inter0ptic Saves the Planet (Part 2 of 2)

Part IV: Advanced Topics
Chapter 11: Network Tunneling
11.1 Tunneling for Functionality
11.2 Tunneling for Confidentiality
11.3 Covert Tunneling
11.4 Conclusion
11.5 Case Study: Ann Tunnels Underground

Chapter 12: Malware Forensics
12.1 Trends in Malware Evolution
12.2 Network Behavior of Malware
12.3 The Future of Malware and Network Forensics
12.4 Case Study: Ann’s Aurora
