
Learning Network Forensics PDF

274 Pages·2016·9.68 MB·English
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Learning Network Forensics

Learning Network Forensics

Identify and safeguard your network against both internal and external threats, hackers, and malware attacks

Samir Datt

BIRMINGHAM - MUMBAI

Learning Network Forensics

Copyright © 2016 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: February 2016

Production reference: 1230216

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.

ISBN 978-1-78217-490-5

www.packtpub.com

Credits

Author: Samir Datt
Reviewers: Nikhil Agarwal, Clinton Dsouza
Commissioning Editor: Priya Singh
Acquisition Editor: Tushar Gupta
Content Development Editor: Riddhi Tuljapurkar
Technical Editor: Manthan Raja
Copy Editor: Vibha Shukla
Project Coordinator: Sanchita Mandal
Proofreader: Safis Editing
Indexer: Monica Ajmera Mehta
Graphics: Jason Monteiro, Kirk D'Penha
Production Coordinator: Conidon Miranda
Cover Work: Conidon Miranda

About the Author

Samir Datt has been dabbling with digital investigations since 1988, which was around the time he solved his first case with the help of an old PC and Lotus 123.
He is the Founder CEO of Foundation Futuristic Technologies (P) Ltd, better known as ForensicsGuru.com. He is widely credited with evangelizing computer forensics in the Indian subcontinent and has personally trained thousands of law enforcement officers in the area. He has the distinction of starting the computer forensics industry in South Asia and setting up India's first computer forensic lab in the private sector. He is consulted by law enforcement agencies and private sector on various technology-related investigative issues. He has extensive experience in training thousands of investigators as well as examining a large number of digital sources of evidence in both private and government investigations.

At last it is done,
A journey that long ago was begun,
Many lights there are that have helped on the way,
To everyone of them, my thanks I would say.

This book would never have seen the light of day had it not been for Tushar Gupta, acquisition editor at Packt Publishing. He tracked me down and invited and convinced me to write. He encouraged me, cajoled me, and finally pushed me into the mystic world of authoring. Thanks Tushar!

I would also like to convey my heartfelt thanks to Riddhi Tuljapurkar, my content development editor. She has been a beacon guiding me through the myriad steps that being an author involves. A first-time author has many moments of self-doubt and hesitation; never did she let me falter, always encouraging, always supportive, she is perhaps the single most important reason that the book is ready on time. Thank you!

My book reviewers have been my compass and their encouragements, suggestions, comments, and guidance have been instrumental in getting the book to its present state. Thank you Clinton D'Souza and Nikhil Agarwal. I am indeed deeply grateful.

My family has been my biggest cheerleader.
A special thanks to my wife, Resham, who has had to put up with my extensive travel schedules and uncounted holidays and weekends devoted to meeting the chapter deadlines. She has been my rock and has always believed that I was destined to write. My son, Madhav, who despite his own hectic schedules at IIT, Kharagpur, took time out to help me with the illustrations, screenshots, chapter editing, and scenario environments. Without you this could never have been done. Many thanks!

I also owe a thank you to my parents, who have been encouraging throughout the course of this book. My dogs, Tuffy, Lucky, Lolu, and Chutki, have been a source of inspiration by constantly bombarding me with unlimited doses of love and affection.

Thanks are also due to the rock-solid team at ForensicsGuru.com, who helped me with my research and chapter illustrations. Great work, guys!

Last but not least, I thank the Creator; for without Him, no creation is possible.

About the Reviewers

Nikhil Agarwal, an InfoSec researcher and a proactive, performance-driven professional from India with more than three years of progressive expertise in the management and IT security field, is dedicated to operational excellence, quality, safety, and respectful leadership. Nikhil is an insightful and result-driven IT professional with notable success directing a broad range of corporate IT security initiatives while participating in planning, analyzing, and implementing solutions in support of business objectives. He excels at providing comprehensive secure network design, systems analysis, and complete life cycle project management.

By qualification, Nikhil possesses a bachelor's degree in engineering in the domain of electronic and communications from Swami Keshvanand Institute of Technology, Management and Gramothan (SKIT) (http://www.skit.ac.in/), Jaipur, Rajasthan.
He has completed various projects during his studies and submitted a range of research papers along with the highest range of international certifications. By profession, Nikhil is an IT security engineer and trainer, and a multi-faceted professional with more than three years of experience living, studying, and working in international environments (Asia and Africa). He has undertaken and successfully completed many security projects ranging from providing services and auditing to training. The description of his professional journey can be found on his LinkedIn profile (https://za.linkedin.com/in/reachatnikhil).

Nikhil spends much of his leisure time writing technical articles for his blogs, Technocrat Club (http://technocratclub.blogspot.com), and answering queries over Quora, Stack Overflow, and GitHub. He also has a passion for photography and travelling to new places. He enjoys authoring technical/nontechnical articles for various blogs and websites, along with reviewing books from various IT technologies.

Apart from this, Nikhil has founded and holds the post of President for a global non-profit organization, Youth Cross Foundation, working for socially-challenged people to bring up their quality of living with technology as their weapon.

Things that set Nikhil apart are creativity, passion, and honesty towards his work. He has always had the support of his family, friends, and relatives, especially his mother. From time to time, Nikhil holds seminars for organizations wanting to explore or discover the possibilities of information security and help answer the spatial questions better. Nikhil is also a lecturer and enjoys teaching the wonderful powers of IT security and explaining how to solve problems on various platforms to the students and corporates. Nikhil's work has also found special mention in some national news headlines (http://www.thestatesman.com/mobi/news/features/checking-for-vulnerabilities/76087.html).
Nikhil works over the ideology of Steve Jobs: Stay Hungry. Stay Foolish.

Clinton Dsouza is a technology analyst at Barclays in New York, NY. His current role involves analysis and development of security-related technologies in the Digital & IB Enterprise group. He holds bachelor's (B.S.) and master's (M.S.) degrees in computer science from Arizona State University (ASU), concentrating on information assurance and cybersecurity. His research at the Laboratory for Security Engineering for Future Computing (SEFCOM) at ASU was funded by Cisco and the U.S. Department of Energy (DOE). His projects involved access control for distributed systems and policy management for Internet of Things (IoT)-based computing ecosystems.

I would like to thank my professor and mentor at ASU, Dr. Gail-Joon Ahn, who guided and engaged me in the field of cybersecurity and information assurance. I would also like to thank my parents and friends for the motivation and inspiration to pursue a career in the field of cybersecurity.

www.PacktPub.com

eBooks, discount offers, and more

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www2.packtpub.com/books/subscription/packtlib

Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.

Why subscribe?
• Fully searchable across every book published by Packt
• Copy and paste, print, and bookmark content
• On demand and accessible via a web browser

Table of Contents

Preface
Chapter 1: Becoming Network 007s
007 characteristics in the network world
Bond characteristics for getting to satisfactory completion of the case
The TAARA methodology for network forensics
Identifying threats to the enterprise
Internal threats
External threats
Data breach surveys
Locard's exchange principle
Defining network forensics
Differentiating between computer forensics and network forensics
Strengthening our technical fundamentals
The seven-layer model
The TCP/IP model
Understanding the concept of interconnection between networks/Internet
Internet Protocol (IP)
Structure of an IP packet
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
Internet application protocols
Understanding network security
Types of threats
Internal threats
External threats
Network security goals
Confidentiality
Integrity

Description:
No part of this book may be reproduced, stored in a retrieval system, or transmitted in Monica Ajmera Mehta. Graphics Nikhil Agarwal, an InfoSec researcher, proactive, and performance-driven .. penetration testing and vulnerability assessment exercise. Metasploit, Wireshark, and many more.