Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Learning Network Forensics

You're reading from   Learning Network Forensics Identify and safeguard your network against both internal and external threats, hackers, and malware attacks

Arrow left icon
Product type Paperback
Published in Feb 2016
Publisher
ISBN-13 9781782174905
Length 274 pages
Edition 1st Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Samir Datt Samir Datt
Author Profile Icon Samir Datt
Samir Datt
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Becoming Network 007s FREE CHAPTER 2. Laying Hands on the Evidence 3. Capturing & Analyzing Data Packets 4. Going Wireless 5. Tracking an Intruder on the Network 6. Connecting the Dots – Event Logs 7. Proxies, Firewalls, and Routers 8. Smuggling Forbidden Protocols – Network Tunneling 9. Investigating Malware – Cyber Weapons of the Internet 10. Closing the Deal – Solving the Case Index

Chapter 5. Tracking an Intruder on the Network

 

"Beware the intentions of Uninvited Guests."

 
 --Samir Datt

Intruders on a network are any network administrators' worst nightmare. Survey after survey conducted by the world's most trusted organizations point indisputably to the fact that, statistically, when it comes to network breaches, it is not a matter of if my network gets breached, but a matter of when my network gets breached. Some of the famous sites and networks that have been attacked in the past include the Pentagon, NATO, White House, and so on. As a network forensics investigator, it is critical to understand ways and means of intrusion detection and prevention.

Intrusion detection/prevention systems come in a multitude of flavors. There can be a host-based IDS/IPS or network-based IDS/IPS. Host-based systems monitor activity on the host computer, whereas network-based systems monitor activity based on network traffic captures.

This chapter...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime