- Learning Network Forensics
- Table of Contents
- Learning Network Forensics
- Credits
- About the Author
- About the Reviewers
- www.PacktPub.com
- Preface
- 1. Becoming Network 007s
- 007 characteristics in the network world
- Identifying threats to the enterprise
- Data breach surveys
- Defining network forensics
- Differentiating between computer forensics and network forensics
- Strengthening our technical fundamentals
- Understanding network security
- Network security goals
- Digital footprints
- Summary
- 2. Laying Hands on the Evidence
- 3. Capturing & Analyzing Data Packets
- 4. Going Wireless
- 5. Tracking an Intruder on the Network
- 6. Connecting the Dots – Event Logs
- 7. Proxies, Firewalls, and Routers
- 8. Smuggling Forbidden Protocols – Network Tunneling
- 9. Investigating Malware – Cyber Weapons of the Internet
- 10. Closing the Deal – Solving the Case
- Index
Readers must be aware of the basics of operating systems such as Linux and Windows as well as networking concepts such as TCP/IP and routers.
The book uses the following software:
- Tcpdump with the libpcap library
- Wireshark
- FTK Imager (AccessData)
- NetworkMiner for passive network sniffing
- SNORT for evidence acquisition in the NIDS/NIPS mode
- Splunk to collect and analyze log files
- Squid as an open-source proxy
- YARA to help identify malware
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.