Network Forensics: Tracking Hackers through Cyberspace and over one million other books are available for Amazon Kindle. Learn more

Vous voulez voir cette page en français ? Cliquez ici.


or
Sign in to turn on 1-Click ordering.
or
Amazon Prime Free Trial required. Sign up when you check out. Learn More
More Buying Choices
Have one to sell? Sell yours here
Search inside this book
Start reading Network Forensics: Tracking Hackers through Cyberspace on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Network Forensics: Tracking Hackers through Cyberspace [Hardcover]

Sherri Davidoff (Author), Jonathan Ham (Author)
List Price: CDN$ 72.99
Price: CDN$ 45.98 & this item ships for FREE with Super Saver Shipping. Details
You Save: CDN$ 27.01 (37%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 5 left in stock (more on the way).
Ships from and sold by Amazon.ca. Gift-wrap available.
Want it delivered Monday, May 27? Choose One-Day Shipping at checkout.

Formats

 Amazon Price New from Used from
Kindle Edition CDN $31.04   -- --
Hardcover CDN $45.98   -- --

Book Description

Publication Date: Jun 13 2012 | ISBN-10: 0132564718 | ISBN-13: 978-0132564717 | Edition: 1
“This is a must-have work for anybody in information security, digital forensics, or involved with incident handling. As we move away from traditional disk-based analysis into the interconnectivity of the cloud, Sherri and Jonathan have created a framework and roadmap that will act as a seminal work in this developing field.”

– Dr. Craig S. Wright (GSE), Asia Pacific Director at Global Institute for Cyber Security + Research.

 

“It’s like a symphony meeting an encyclopedia meeting a spy novel.”

–Michael Ford, Corero Network Security

 

On the Internet, every action leaves a mark–in routers, firewalls, web proxies, and within network traffic itself. When a hacker breaks into a bank, or an insider smuggles secrets to a competitor, evidence of the crime is always left behind.

 

Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace. Carve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history–and cached web pages, too–from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire.

 

Throughout the text, step-by-step case studies guide you through the analysis of network-based evidence. You can download the evidence files from the authors’ web site (lmgsecurity.com), and follow along to gain hands-on experience.

 

Hackers leave footprints all across the Internet. Can you find their tracks and solve the case? Pick up Network Forensics and find out.

 

Frequently Bought Together

Customers buy this book with Mastering Windows Network Forensics and Investigation by Steven Anson Paperback CDN$ 45.13

Network Forensics: Tracking Hackers through Cyberspace + Mastering Windows Network Forensics and Investigation
Price For Both: CDN$ 91.11

Show availability and shipping details

  • This item: Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff Hardcover

    In Stock.
    Ships from and sold by Amazon.ca.
    This item ships for FREE with Super Saver Shipping. Details

  • Mastering Windows Network Forensics and Investigation by Steven Anson Paperback

    In Stock.
    Ships from and sold by Amazon.ca.
    This item ships for FREE with Super Saver Shipping. Details

Customers Who Bought This Item Also Bought

Product Details

Product Description

About the Author

Sherri Davidoff is a founder of LMG Security, an information security consulting and research firm. Her specialties include network penetration testing, digital forensics, social engineering testing, and web application assessments. She holds her S.B. in Computer Science and Electrical Engineering from MIT.

 

Jonathan Ham has been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than two thousand feet underground, taught intrusion analysis to the NSA, and chartered and trained the CIRT for one of the largest U.S. civilian federal agencies. He is a founder of LMG Security. His favorite field is ip[6:2].

Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:

What Other Items Do Customers Buy After Viewing This Item?

Explore similar items

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.0 out of 5 stars  8 reviews
21 of 21 people found the following review helpful
5.0 out of 5 stars Incredibly good comprehensive and useful guide to network forensics Jun 28 2012
By Ben Rothke - Published on Amazon.com
Format:Hardcover
With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel. But by page 25, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the space.

Author's Jonathan Ham and Sherri Davidoff are both SANS Institute instructors, and bring significant real-world experience to every chapter. Martin McKeay has an interview (albeit dated) with the authors on his web site here about their SANS course on network forensics.

In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.

While the book Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet provides a comprehensive overview of the topic; Network Forensics: Tracking Hackers through Cyberspace focuses at the packet level.

Part 2, which is about a third of the book, is spent on traffic analysis, with all-embracing coverage of concepts and topics such as statistical flow analysis, wireless traffic capture and analysis, NIDS detection and analysis, packet logging and more.

Readers should be very comfortable with Wireshark packet capture output, which the book extensively references. Those not quite comfortable with packet capture analysis will likely find this book way over their head.

Part 3 focuses on network devices and logging for all types of network devices. Detailed logging aspects for switches, routers and firewalls are dealt with.

The last 2 chapters deal with advanced topics such as network tunneling and malware forensics.

The book also includes 9 case studies which go into extreme detail on the topic covered. While the notion of a case study in many books is a 2-3 page overview, these case studies are 10-20 pages in length and provide an across-the-board analysis of the topic. Evidence files for each case study are available at the author's web site here.

Network Forensics: Tracking Hackers through Cyberspace is an extremely detailed and comprehensive guide on the topic. It is made for the advanced user who is comfortable with forensic tools such as NetworkMiner and Snort.

For those that are up to the task, Network Forensics: Tracking Hackers through Cyberspace is an invaluable reference that will make the reader a master of the topic.
3 of 3 people found the following review helpful
4.0 out of 5 stars A scholarly text. Dec 23 2012
By Charles W. Hayes - Published on Amazon.com
Format:Hardcover|Amazon Verified Purchase
Ok, this is a great scholarly text. If you've never used Wireshark or a Ethernet Tap then you will be in for a treat and a lot of tools you haven't ever used before. Otherwise, this work is like most College text, when the first few chapters are a "history of" and then it sort of goes to an explanation of the tools you need. I found several things I didn't know, and a few tips on actually hiding your traffic and obfuscating your internet mixed in the text. It's not Harry Potter, and sadly it didn't make me a wazard, but it's a great book for anyone interested in network forensics. For those who are hacker minded, this is basically a book of "this is how you can / will be caught" so, read it, know it, reverse it... and then see how much you can derive from your own traffic. The exercises seem to be aimed for a school / network which isn't really in existence, aka most of the "test" are more... ok, look at the traffic patterns in the book, and figure out what you are looking for, instead of go to your computers and run this simulation. Overall, I'd give this book a 4 out of 5 stars, because they teach you how to watch the traffic and dissect it, yet give very little information on how to obfuscate your tracks. Then again, if they taught you how to do that, they'd be out of a job. :D
1 of 1 people found the following review helpful
5.0 out of 5 stars real good book Jan 29 2013
By Vladimir Stanojevic - Published on Amazon.com
Format:Hardcover|Amazon Verified Purchase
Specific, not just in general info.
very rich with usefull examples.
good as refference manual for every IT security proffessional

    Your Shopping Cart is empty.

    Give it purpose—fill it with books, DVDs, clothes, electronics, and more.

    If you already have an account, sign in.

    View Cart (0 items)

      Listmania!

      Create a Listmania! list

      Look for similar items by category

      Feedback

      Would you like to update product info or give feedback on images?

      Amazon.ca Privacy Statement Amazon.ca Shipping Information Amazon.ca Returns & Exchanges