Gjør som tusenvis av andre bokelskere
Abonner på vårt nyhetsbrev og få rabatter og inspirasjon til din neste leseopplevelse.
Ved å abonnere godtar du vår personvernerklæring.Du kan når som helst melde deg av våre nyhetsbrev.
Take a systematic approach at identifying intrusions that range from the most basic to the most sophisticated, using Wireshark, an open source protocol analyzer. This book will show you how to effectively manipulate and monitor different conversations and perform statistical analysis of these conversations to identify the IP and TCP information of interest.Next, you'll be walked through a review of the different methods malware uses, from inception through the spread across and compromise of a network of machines. The process from the initial ¿click¿ through intrusion, the characteristics of Command and Control (C2), and the different types of lateral movement will be detailed at the packet level.In the final part of the book, you'll explore the network capture file and identification of data for a potential forensics extraction, including inherent capabilities for the extraction of objects such as file data and other corresponding components in support of a forensics investigation.After completing this book, you will have a complete understanding of the process of carving files from raw PCAP data within the Wireshark tool.What You Will LearnUse Wireshark to identify intrusions into a networkExercise methods to uncover network data even when it is in encrypted formAnalyze malware Command and Control (C2) communications and identify IOCsExtract data in a forensically sound manner to support investigationsLeverage capture file statistics to reconstruct network eventsWho This Book Is ForNetwork analysts, Wireshark analysts, and digital forensic analysts.
The reason I decided to write this book is to show that we have to rethink how we look at security. We continue to use the same methods and the threat continues to evolve and bypass it, so we need to understand we need a paradigm shift and this book is to help you with this shift. The book takes you from the essential and fundamentals of defense required to protect our modern networks to the advanced concepts of segmentation and isolation to mitigate the risk, then we introduce you to the methods of deploying deception decoys on the network. With this book, you will learn how to flip the model. For years, we have listened to the statement "e;the attackers are at the advantage, because they only have to find one way in and we cannot secure every way in."e; This is true, but with the concepts covered in this book you can flip the model and turn the advantage to the defender, and as a result, you take control of your network! One packet is all we need to identify when they are within our network! We can control the path and route that the attackers pursue and simulate and present a replication of the required data within the sement while moving the real data to a safe location.
Abonner på vårt nyhetsbrev og få rabatter og inspirasjon til din neste leseopplevelse.
Ved å abonnere godtar du vår personvernerklæring.