Network Forensics: Tracking Hackers through Cyberspace
Author: Sherri Davidoff | Language: English | ISBN: 0132564718 | Format: EPUB
Network Forensics: Tracking Hackers through Cyberspace Description
“This is a must-have work for anybody in information security, digital forensics, or involved with incident handling. As we move away from traditional disk-based analysis into the interconnectivity of the cloud, Sherri and Jonathan have created a framework and roadmap that will act as a seminal work in this developing field.”– Dr. Craig S. Wright (GSE), Asia Pacific Director at Global Institute for Cyber Security + Research.
On the Internet, every action leaves a mark–in routers, firewalls, web proxies, and within network traffic itself. When a hacker breaks into a bank, or an insider smuggles secrets to a competitor, evidence of the crime is always left behind.
Throughout the text, step-by-step case studies guide you through the analysis of network-based evidence. You can download the evidence files from the authors’ web site (lmgsecurity.com), and follow along to gain hands-on experience.
- Hardcover: 576 pages
- Publisher: Prentice Hall; 1 edition (June 23, 2012)
- Language: English
- ISBN-10: 0132564718
- ISBN-13: 978-0132564717
- Product Dimensions: 9 x 7.1 x 1.4 inches
- Shipping Weight: 2.3 pounds
With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel. But by page 25, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the space.
Authors Jonathan Ham and Sherri Davidoff are both SANS Institute instructors, and bring significant real-world experience to every chapter. Martin McKeay has an interview (albeit dated) with the authors on his web site about their SANS course on network forensics.
In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.
While the book Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet provides a comprehensive overview of the topic, Network Forensics: Tracking Hackers through Cyberspace focuses on the packet level.
Part 2, which is about a third of the book, is spent on traffic analysis, with all-embracing coverage of concepts and topics such as statistical flow analysis, wireless traffic capture and analysis, NIDS detection and analysis, packet logging and more.
Readers should be very comfortable with Wireshark packet capture output, which the book extensively references. Those not quite comfortable with packet capture analysis will likely find this book way over their head.
Part 3 focuses on network devices and logging for all types of network devices. Detailed logging aspects for switches, routers and firewalls are dealt with.
The last 2 chapters deal with advanced topics such as network tunneling and malware forensics.