Network forensics / Ric Messier.
Publication details: Indianapolis, IN : Wiley, ©2017
Description: xxiv, 331 p. : ill. ; 24 cm
ISBN:
- 1119328284
- 9781119328285
- 005.8 23 MES
Item type | Current library | Call number | Copy number | Status | Date due | Barcode |
---|---|---|---|---|---|---|
Book Closed Access | Engineering Library | 005.8 MES 1 | 1 | Available | | BUML24010412 |
CONTENTS
1. Introduction to network forensics
What is forensics?
Incident response
The need for network forensic practitioners
etc.
2. Networking basics
Protocols
Request for comments
Internet registries
etc.
3. Host-side artifacts
Services
Connections
Tools
etc.
4. Packet capture and analysis
Capturing packets
Packet analysis with Wireshark
5. Attack types
Denial of service attacks
Vulnerability exploits
Application attacks
6. Location awareness
Time zones
Using whois
Traceroute
Geolocation
7. Preparing for attacks
Netflow
Logging
Antivirus
etc.
8. Intrusion detection systems
Detection styles
Host-based versus network-based
Architecture
etc.
9. Using firewall and application logs
Syslog
Event viewer
Firewall logs
etc.
10. Correlating attacks
Time synchronization
Packet capture times
Log aggregation
11. Network scanning
Port scanning
Vulnerability scanning
Port knocking
etc.
12. Final considerations
Encryption
Cloud computing
The Onion Router
Includes index p. 319-331