Learning Network Forensics (Paperback)

Samir Datt

  • 出版商: Packt Publishing
  • 出版日期: 2016-02-29
  • 定價: $1,650
  • 售價: 6.0$990
  • 語言: 英文
  • 頁數: 274
  • 裝訂: Paperback
  • ISBN: 1782174907
  • ISBN-13: 9781782174905
  • 立即出貨 (庫存 < 3)



Key Features

  • Lay your hands on physical and virtual evidence to understand the sort of crime committed by capturing and analyzing network traffic
  • Connect the dots by understanding web proxies, firewalls, and routers to close in on your suspect
  • A hands-on guide to help you solve your case with malware forensic methods and network behaviors

Book Description

We live in a highly networked world. Every digital device―phone, tablet, or computer is connected to each other, in one way or another. In this new age of connected networks, there is network crime. Network forensics is the brave new frontier of digital investigation and information security professionals to extend their abilities to catch miscreants on the network.

The book starts with an introduction to the world of network forensics and investigations. You will begin by getting an understanding of how to gather both physical and virtual evidence, intercepting and analyzing network data, wireless data packets, investigating intrusions, and so on. You will further explore the technology, tools, and investigating methods using malware forensics, network tunneling, and behaviors. By the end of the book, you will gain a complete understanding of how to successfully close a case.

What you will learn

  • Understand Internetworking, sources of network-based evidence and other basic technical fundamentals, including the tools that will be used throughout the book
  • Acquire evidence using traffic acquisition software and know how to manage and handle the evidence
  • Perform packet analysis by capturing and collecting data, along with content analysis
  • Locate wireless devices, as well as capturing and analyzing wireless traffic data packets
  • Implement protocol analysis and content matching; acquire evidence from NIDS/NIPS
  • Act upon the data and evidence gathered by being able to connect the dots and draw links between various events
  • Apply logging and interfaces, along with analyzing web proxies and understanding encrypted web traffic
  • Use IOCs (Indicators of Compromise) and build real-world forensic solutions, dealing with malware

About the Author

Samir Datt has been dabbling with digital investigations since 1988, which was around the time he solved his first case with the help of an old PC and Lotus 123. He is the Founder CEO of Foundation Futuristic Technologies (P) Ltd, better known as ForensicsGuru.com. He is widely credited with evangelizing computer forensics in the Indian subcontinent and has personally trained thousands of law enforcement officers in the area. He has the distinction of starting the computer forensics industry in South Asia and setting up India's first computer forensic lab in the private sector. He is consulted by law enforcement agencies and private sector on various technology-related investigative issues. He has extensive experience in training thousands of investigators as well as examining a large number of digital sources of evidence in both private and government investigations.

Table of Contents

  1. Becoming Network 007s
  2. Laying Hands on the Evidence
  3. Capturing & Analyzing Data Packets
  4. Going Wireless
  5. Tracking an Intruder on the Network
  6. Connecting the Dots – Event Logs
  7. Proxies, Firewalls, and Routers
  8. Smuggling Forbidden Protocols – Network Tunneling
  9. Investigating Malware – Cyber Weapons of the Internet
  10. Closing the Deal – Solving the Case