Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Network Forensics

You're reading from   Hands-On Network Forensics Investigate network attacks and find evidence using common network forensic tools

Arrow left icon
Product type Paperback
Published in Mar 2019
Publisher
ISBN-13 9781789344523
Length 358 pages
Edition 1st Edition
Languages
Concepts
Arrow right icon
Author (1):
Arrow left icon
Nipun Jaswal Nipun Jaswal
Author Profile Icon Nipun Jaswal
Nipun Jaswal
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Section 1: Obtaining the Evidence
2. Introducing Network Forensics FREE CHAPTER 3. Technical Concepts and Acquiring Evidence 4. Section 2: The Key Concepts
5. Deep Packet Inspection 6. Statistical Flow Analysis 7. Combatting Tunneling and Encryption 8. Section 3: Conducting Network Forensics
9. Investigating Good, Known, and Ugly Malware 10. Investigating C2 Servers 11. Investigating and Analyzing Logs 12. WLAN Forensics 13. Automated Evidence Aggregation and Analysis 14. Other Books You May Enjoy 15. Assessments

What this book covers

Chapter 1, Introducing Network Forensics, lays the network forensics base for you and will focus on the key concepts that will aid in understanding network anomalies and behavior.

Chapter 2, Technical Concepts and Acquiring Evidence, focuses on developing some fundamental knowledge and insights into network forensics. This chapter will discuss the IP suite, the collection of evidence, and internetworking through hands-on practical exercises.

Chapter 3, Deep Packet Inspection, focuses on key concepts related to widely used protocols, such as Dynamic Host Configuration Protocol (DHCP), Simple Mail Transfer Protocol (SMTP), and Hyper Text Transfer Protocol (HTTP).

Chapter 4, Statistical Flow Analysis, demonstrates statistical flow analysis, collection and aggregation, and protocols and flow record export protocols.

Chapter 5, Combatting Tunneling and Encryption, focuses on network tunneling, its concepts, and an analysis from the perspective of network forensics.

Chapter 6, Investigating Good, Known, and Ugly Malware, focuses on malware forensics over an infected network by making use of various tools and techniques. It discusses many modern malware examples, their modus operandi, and focuses on developing skills in investigating network behavior and patterns in relation to malware.

Chapter 7, Investigating C2 Servers, focuses on Command and Control (C2) servers, their execution over the network, widely used C2 ecosystems, and the most critical identifiers to look for while working with C2-based malware.

Chapter 8, Investigating and Analyzing Logs, primarily focuses on working with a variety of log types and gathering inputs to ultimately aid your network forensics exercises.

Chapter 9, WLAN Forensics, highlights critical concepts in relation to Wi-Fi forensics, and discusses various packet structures and sources of evidence while familiarizing you with finding rogue access points and identifying attack patterns.

Chapter 10, Automated Evidence Aggregation and Analysis, focuses on developing scripts, tools, segregation techniques, and methodologies for automation while processing a large evidence set. This chapter also highlights the insights of reading network packets and PCAP through programming while automating manual techniques.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime