Network Forensics: Tracking Hackers through Cyberspace (Anglais) Relié – 13 juin 2012
- Choisissez parmi 17 000 points de collecte en France
- Les membres du programme Amazon Premium bénéficient de livraison gratuites illimitées
- Trouvez votre point de collecte et ajoutez-le à votre carnet d’adresses
- Sélectionnez cette adresse lors de votre commande
Produits fréquemment achetés ensemble
Les clients ayant acheté cet article ont également acheté
Descriptions du produit
Présentation de l'éditeur
– Dr. Craig S. Wright (GSE), Asia Pacific Director at Global Institute for Cyber Security + Research.
“It’s like a symphony meeting an encyclopedia meeting a spy novel.”
–Michael Ford, Corero Network Security
On the Internet, every action leaves a mark–in routers, firewalls, web proxies, and within network traffic itself. When a hacker breaks into a bank, or an insider smuggles secrets to a competitor, evidence of the crime is always left behind.
Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace.Carve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history–and cached web pages, too–from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire.
Throughout the text, step-by-step case studies guide you through the analysis of network-based evidence. You can download the evidence files from the authors’ web site (lmgsecurity.com), and follow along to gain hands-on experience.
Hackers leave footprints all across the Internet. Can you find their tracks and solve the case? Pick up Network Forensicsand find out.
Biographie de l'auteur
Jonathan Ham has been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than two thousand feet underground, taught intrusion analysis to the NSA, and chartered and trained the CIRT for one of the largest U.S. civilian federal agencies. He is a founder of LMG Security. His favorite field is ip[6:2].
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.
Détails sur le produit
Quels sont les autres articles que les clients achètent après avoir regardé cet article?
Commentaires en ligne
Commentaires client les plus utiles sur Amazon.com (beta)
Author's Jonathan Ham and Sherri Davidoff are both SANS Institute instructors, and bring significant real-world experience to every chapter. Martin McKeay has an interview (albeit dated) with the authors on his web site here about their SANS course on network forensics.
In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.
While the book Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet provides a comprehensive overview of the topic; Network Forensics: Tracking Hackers through Cyberspace focuses at the packet level.
Part 2, which is about a third of the book, is spent on traffic analysis, with all-embracing coverage of concepts and topics such as statistical flow analysis, wireless traffic capture and analysis, NIDS detection and analysis, packet logging and more.
Readers should be very comfortable with Wireshark packet capture output, which the book extensively references. Those not quite comfortable with packet capture analysis will likely find this book way over their head.
Part 3 focuses on network devices and logging for all types of network devices. Detailed logging aspects for switches, routers and firewalls are dealt with.
The last 2 chapters deal with advanced topics such as network tunneling and malware forensics.
The book also includes 9 case studies which go into extreme detail on the topic covered. While the notion of a case study in many books is a 2-3 page overview, these case studies are 10-20 pages in length and provide an across-the-board analysis of the topic. Evidence files for each case study are available at the author's web site here.
Network Forensics: Tracking Hackers through Cyberspace is an extremely detailed and comprehensive guide on the topic. It is made for the advanced user who is comfortable with forensic tools such as NetworkMiner and Snort.
For those that are up to the task, Network Forensics: Tracking Hackers through Cyberspace is an invaluable reference that will make the reader a master of the topic.
Warning: Network Forensics is not for entry level readers or even intermediate. This is hardcore PhD level material.
I was surprised that the book cover says “Tracking Hackers Through Cyberspace.” First off, there isn’t anything wrong with being a hacker. There is something wrong with conducting criminal activity and those are two completely different things. If the book would have posted “Tracking Criminals Through Cyberspace”, I might have only cringed a little bit. My second gripe is about the word “Cyber.” Come on folks, it is “digital” not “cyber.” I’m sure the authors didn’t do this; it was probably the editor’s fault. They have to sell books with sexy names so I don’t directly blame the writers.
The entire book is an in-depth technical manual and how-to guide for network forensics. The difference between regular digital forensics and network forensics is that evidence is much harder to locate and more volatile across a network than data storage devices. Husband and wife team Sherri and Jonathan dive deep, deep into hidden corners of switches and hubs to show you where evidence resides. The text is clearly written and done so in a straight forward manner. The content is tough though. Don’t expect an easy read.
You will need a sharp mind to completely understand the importance of this material, as it’s presented. I found myself reading aloud and reading very slowly. There were many places where I went back and read again. This is coming from a guy who has been in digital security since 1989. There is a treasure chest of techniques, ideas, checklists and software usage loaded across every chapter. At 545 pages, this is worth twice the cost of the book if you plan on a profession in digital forensics.
Sherri and Jonathan give ample real world examples and go step by step how to solve these crimes. If you buy the book just to read the stories, then you won’t be disappointed. There are some really great mysteries that were never in the media loaded in the pages. The usual software products are covered in great detail along with plenty of solutions for open source programs too. I like free stuff so I lean towards code I can review myself and not proprietary commercial programs.
You will want to pay close attention to patterns throughout the guide. There is lengthy coverage on packets, protocols, devices and all manner of technology that I had never considered exploring as deep as these writers did. There are cool case studies to keep your attention focused on the topic. Don’t let the evil Ann steal all your trade secrets. This means the book is also fun. The authors made sure to keep you, the reader, involved in the forensic process. It showed me how much I didn’t know about the finer points of network forensics.
I will have to admit that this book is similar to reading some of the computer crime law books I have. It took me a long time to read the book because I was absorbing so much incredible information. Log files are dissected down past the timestamping we are used to seeing and further down to individual packets associated with MAC addresses. Timestamps can be wrong, as the writers tell, because not everything is in synch and devices are located across the globe. So they suggest and show you how to correlate information from multiple sources. There is a stern warning to not use your crime theory for anything other than support the facts of that crime.
I suck at that one.
Network Forensics takes you by the hand and walks you through very complicated cases, one simple step at a time. The authors provide several reasons for doing a technique a certain way, along with issues with what could go wrong if you don’t take their advice. There are times in the book where I had to backtrack to rediscover something I had already read but forgotten and now needed it. Luckily the book is nicely laid out so you can find your information quickly.
At the end of this amazing book is an advanced section. Yes, an advanced section. I though the whole book was advanced then they spring a more advanced segment at the end. Those authors really do know their topic. The advance section covers malware forensics and network tunneling. Malware forensics is a very specialized field not for the faint of heart. If you enjoy spending countless hours dissecting code than this is your playground, not mine.
I’ve talked about my precious desk space in other reviews and that only very special books make it onto my desk. Right now, five books sit on that desk. I will have to bump one off because this book, this masterpiece, must now take a spot on my small desk. Some people have awards, others give stars, I give room for incredible books. Network Forensics is truly a book in its own class.
But please heed my warning. This book is not for beginners. This book is for serious professionals who have ample experience under their belts already. If you buy this book and don’t met this criteria, don’t blame me cause I warned you. This is one incredible masterpiece.