Learning Network Forensics (Paperback)

Samir Datt

  • Publisher: Packt Publishing
  • Publication date: 2016-02-29
  • List price: $1,650
  • Sale price: $990 (60% of list price)
  • Language: English
  • Pages: 274
  • Binding: Paperback
  • ISBN: 1782174907
  • ISBN-13: 9781782174905
  • Related categories: Information Security, Hacking
  • Ships immediately (stock < 3)


Product Description

Key Features

  • Get your hands on physical and virtual evidence, and understand the kind of crime committed, by capturing and analyzing network traffic
  • Connect the dots by understanding web proxies, firewalls, and routers to close in on your suspect
  • A hands-on guide to help you solve your case with malware forensics and network behavior analysis

Book Description

We live in a highly networked world. Every digital device, whether phone, tablet, or computer, is connected to the others in one way or another. In this age of connected networks there is network crime, and network forensics is the new frontier that lets digital investigators and information security professionals extend their ability to catch miscreants on the network.

The book starts with an introduction to the world of network forensics and investigations. You will begin by learning how to gather both physical and virtual evidence, intercept and analyze network data and wireless packets, investigate intrusions, and so on. You will then explore the technology, tools, and investigative methods used in malware forensics, network tunneling, and behavioral analysis. By the end of the book, you will understand how to successfully close a case.

What you will learn

  • Understand internetworking, sources of network-based evidence, and other technical fundamentals, including the tools used throughout the book
  • Acquire evidence using traffic acquisition software, and know how to manage and handle that evidence
  • Perform packet analysis by capturing and collecting data, along with content analysis
  • Locate wireless devices, and capture and analyze wireless traffic data packets
  • Implement protocol analysis and content matching; acquire evidence from NIDS/NIPS
  • Act on the data and evidence gathered by connecting the dots and drawing links between events
  • Work with logging and logging interfaces, analyze web proxies, and understand encrypted web traffic
  • Use Indicators of Compromise (IOCs) and build real-world forensic solutions for dealing with malware

About the Author

Samir Datt has been working on digital investigations since 1988, around the time he solved his first case with the help of an old PC and Lotus 1-2-3. He is the Founder CEO of Foundation Futuristic Technologies (P) Ltd, better known as ForensicsGuru.com. He is widely credited with evangelizing computer forensics in the Indian subcontinent and has personally trained thousands of law enforcement officers and investigators in the field. He has the distinction of starting the computer forensics industry in South Asia and setting up India's first private-sector computer forensic lab. He is consulted by law enforcement agencies and the private sector on technology-related investigative issues, and has extensive experience examining digital sources of evidence in both private and government investigations.

Table of Contents

  1. Becoming Network 007s
  2. Laying Hands on the Evidence
  3. Capturing & Analyzing Data Packets
  4. Going Wireless
  5. Tracking an Intruder on the Network
  6. Connecting the Dots – Event Logs
  7. Proxies, Firewalls, and Routers
  8. Smuggling Forbidden Protocols – Network Tunneling
  9. Investigating Malware – Cyber Weapons of the Internet
  10. Closing the Deal – Solving the Case
