Cargando…
Network forensics /
Intensively hands-on training for real-world network forensicsNetwork Forensics provides a uniquely practical guide for IT and law enforcement professionals seeking a deeper understanding of cybersecurity. This book is hands-on all the way--by dissecting packets, you gain fundamental knowledge that...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Indianapolis, IN :
Wiley,
2017.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | OR_ocn994006202 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu|||unuuu | ||
| 008 | 170718s2017 inua ob 001 0 eng d | ||
| 040 | |a N$T |b eng |e rda |e pn |c N$T |d DG1 |d YDX |d N$T |d IDEBK |d EBLCP |d OCLCF |d OCLCQ |d IUL |d CNCGM |d IDB |d COO |d UPM |d K6U |d UAB |d DEBSZ |d LIV |d OCLCQ |d DEBBG |d D6H |d OCLCQ |d VVB |d KSU |d UMI |d STF |d CEF |d VT2 |d MERUC |d RECBK |d AU@ |d OAUST |d OCLCQ |d WYU |d LVT |d U3W |d OCLCQ |d UKAHL |d OCLCQ |d UKMGB |d OCLCQ |d BRF |d ELBRO |d OCLCQ |d OCLCO |d SFB |d OCLCQ | ||
| 015 | |a GBB780941 |2 bnb | ||
| 016 | 7 | |a 018339668 |2 Uk | |
| 019 | |a 994470187 |a 995110295 |a 995144993 |a 1004966450 |a 1048187388 |a 1066633740 |a 1103254670 |a 1111104988 |a 1129362939 |a 1153017943 |a 1192350388 |a 1228549688 | ||
| 020 | |a 9781119329176 |q (electronic bk.) | ||
| 020 | |a 1119329175 |q (electronic bk.) | ||
| 020 | |a 9781119329190 |q (electronic bk.) | ||
| 020 | |a 1119329191 |q (electronic bk.) | ||
| 020 | |a 9781119329183 | ||
| 020 | |a 1119329183 | ||
| 020 | |z 9781119328285 |q (print) | ||
| 020 | |z 1119328284 | ||
| 029 | 1 | |a AU@ |b 000061503310 | |
| 029 | 1 | |a AU@ |b 000062162513 | |
| 029 | 1 | |a AU@ |b 000062186323 | |
| 029 | 1 | |a AU@ |b 000062360973 | |
| 029 | 1 | |a AU@ |b 000066232163 | |
| 029 | 1 | |a AU@ |b 000066533269 | |
| 029 | 1 | |a AU@ |b 000067105626 | |
| 029 | 1 | |a CHBIS |b 011150720 | |
| 029 | 1 | |a CHNEW |b 000964913 | |
| 029 | 1 | |a CHVBK |b 495227781 | |
| 029 | 1 | |a DEBSZ |b 493821449 | |
| 029 | 1 | |a GBVCP |b 1014934532 | |
| 029 | 1 | |a GBVCP |b 1014966779 | |
| 029 | 1 | |a UKMGB |b 018339668 | |
| 035 | |a (OCoLC)994006202 |z (OCoLC)994470187 |z (OCoLC)995110295 |z (OCoLC)995144993 |z (OCoLC)1004966450 |z (OCoLC)1048187388 |z (OCoLC)1066633740 |z (OCoLC)1103254670 |z (OCoLC)1111104988 |z (OCoLC)1129362939 |z (OCoLC)1153017943 |z (OCoLC)1192350388 |z (OCoLC)1228549688 | ||
| 037 | |a CL0500000895 |b Safari Books Online | ||
| 050 | 4 | |a TK5105.59 | |
| 072 | 7 | |a COM |x 053000 |2 bisacsh | |
| 082 | 0 | 4 | |a 005.8 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Messier, Ric, |e author. | |
| 245 | 1 | 0 | |a Network forensics / |c Ric Messier. |
| 264 | 1 | |a Indianapolis, IN : |b Wiley, |c 2017. | |
| 264 | 4 | |c ©2017 | |
| 300 | |a 1 online resource : |b color illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | 0 | |a Online resource; title from PDF title page (John Wiley, viewed July 25, 2017). | |
| 505 | 0 | |a Cover; Title Page; Copyright; About the Author; About the Technical Editor; Credits; Contents; Introduction; What This Book Covers; How to Use This Book; How This Book Is Organized; Chapter 1: Introduction to Network Forensics; What Is Forensics?; Handling Evidence; Cryptographic Hashes; Chain of Custody; Incident Response; The Need for Network Forensic Practitioners; Summary; References; Chapter 2: Networking Basics; Protocols; Open Systems Interconnection (OSI) Model; TCP/IP Protocol Suite; Protocol Data Units; Request for Comments; Internet Registries; Internet Protocol and Addressing. | |
| 505 | 8 | |a Internet Protocol AddressesInternet Control Message Protocol (ICMP); Internet Protocol Version 6 (IPv6); Transmission Control Protocol (TCP); Connection-Oriented Transport; User Datagram Protocol (UDP); Connectionless Transport; Ports; Domain Name System; Support Protocols (DHCP); Support Protocols (ARP); Summary; References; Chapter 3: Host-Side Artifacts; Services; Connections; Tools; netstat; nbstat; ifconfig/ipconfig; Sysinternals; ntop; Task Manager/Resource Monitor; ARP; /proc Filesystem; Summary; Chapter 4: Packet Capture and Analysis; Capturing Packets; Tcpdump/Tshark; Wireshark; Taps. | |
| 505 | 8 | |a Port SpanningARP Spoofing; Passive Scanning; Packet Analysis with Wireshark; Packet Decoding; Filtering; Statistics; Following Streams; Gathering Files; Network Miner; Summary; Chapter 5: Attack Types; Denial of Service Attacks; SYN Floods; Malformed Packets; UDP Floods; Amplification Attacks; Distributed Attacks; Backscatter; Vulnerability Exploits; Insider Threats; Evasion; Application Attacks; Summary; Chapter 6: Location Awareness; Time Zones; Using whois; Traceroute; Geolocation; Location-Based Services; WiFi Positioning; Summary; Chapter 7: Preparing for Attacks; NetFlow; Logging. | |
| 505 | 8 | |a SyslogWindows Event Logs; Firewall Logs; Router and Switch Logs; Log Servers and Monitors; Antivirus; Incident Response Preparation; Google Rapid Response; Commercial Offerings; Security Information and Event Management; Summary; Chapter 8: Intrusion Detection Systems; Detection Styles; Signature-Based; Heuristic; Host-Based versus Network-Based; Snort; Suricata and Sagan; Bro; Tripwire; OSSEC; Architecture; Alerting; Summary; Chapter 9: Using Firewall and Application Logs; Syslog; Centralized Logging; Reading Log Messages; LogWatch; Event Viewer; Querying Event Logs; Clearing Event Logs. | |
| 505 | 8 | |a Firewall LogsProxy Logs; Web Application Firewall Logs; Common Log Format; Summary; Chapter 10: Correlating Attacks; Time Synchronization; Time Zones; Network Time Protocol; Packet Capture Times; Log Aggregation and Management; Windows Event Forwarding; Syslog; Log Management Offerings; Timelines; Plaso; PacketTotal; Wireshark; Security Information and Event Management; Summary; Chapter 11: Network Scanning; Port Scanning; Operating System Analysis; Scripts; Banner Grabbing; Ping Sweeps; Vulnerability Scanning; Port Knocking; Tunneling; Passive Data Gathering; Summary. | |
| 520 | 8 | |a Intensively hands-on training for real-world network forensicsNetwork Forensics provides a uniquely practical guide for IT and law enforcement professionals seeking a deeper understanding of cybersecurity. This book is hands-on all the way--by dissecting packets, you gain fundamental knowledge that only comes from experience. Real packet captures and log files demonstrate network traffic investigation, and the learn-by-doing approach relates the essential skills that traditional forensics investigators may not have. From network packet analysis to host artifacts to log analysis and beyond, this book emphasizes the critical techniques that bring evidence to light.Network forensics is a growing field, and is becoming increasingly central to law enforcement as cybercrime becomes more and more sophisticated. This book provides an unprecedented level of hands-on training to give investigators the skills they need. Investigate packet captures to examine network communicationsLocate host-based artifacts and analyze network logsUnderstand intrusion detection systems--and let them do the legworkHave the right architecture and systems in place ahead of an incidentNetwork data is always changing, and is never saved in one place; an investigator must understand how to examine data over time, which involves specialized skills that go above and beyond memory, mobile, or data forensics. Whether you're preparing for a security certification or just seeking deeper training for a law enforcement or IT role, you can only learn so much from concept; to thoroughly understand something, you need to do it. Network Forensics provides intensive hands-on practice with direct translation to real-world application. | |
| 504 | |a Includes bibliographical references and index. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 0 | |a Internet |x Security measures. | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 6 | |a Internet |x Sécurité |x Mesures. | |
| 650 | 7 | |a COMPUTERS |x Security |x General. |2 bisacsh | |
| 650 | 7 | |a Computer networks |x Security measures. |2 fast |0 (OCoLC)fst00872341 | |
| 650 | 7 | |a Internet |x Security measures. |2 fast |0 (OCoLC)fst01751426 | |
| 776 | 0 | 8 | |i Print version: |a Messier, Ric. |t Network forensics. |d Indianapolis, IN : Wiley, 2017 |z 1119328284 |z 9781119328285 |w (OCoLC)960091582 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781119328285/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH32066802 | ||
| 938 | |a Askews and Holts Library Services |b ASKH |n AH32066801 | ||
| 938 | |a EBSCOhost |b EBSC |n 1556076 | ||
| 938 | |a eLibro |b ELBO |n ELB177224 | ||
| 938 | |a ProQuest MyiLibrary Digital eBook Collection |b IDEB |n cis36881926 | ||
| 938 | |a Recorded Books, LLC |b RECE |n rbeEB00737605 | ||
| 938 | |a YBP Library Services |b YANK |n 14700923 | ||
| 938 | |a YBP Library Services |b YANK |n 14723954 | ||
| 938 | |a YBP Library Services |b YANK |n 14712599 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL4917496 | ||
| 994 | |a 92 |b IZTAP | ||