- ISBN: 9780132564717 | 0132564718
- Cover: Hardcover
- Copyright: 6/13/2012
Network forensics is transforming the way investigators examine computer crime: they have discovered that the network holds far more evidence than could ever be retrieved from a local hard drive. Network forensic skills are in especially short supply, and professionals are flocking to the scarce resources available for mastering these skills. Now, for the first time, there's a comprehensive and practical book on the subject.

Building on their pioneering SANS Institute course, top network forensics experts Jonathan Ham and Sherri Davidoff take readers on an exciting, entertaining, and technically rigorous journey through the skills and principles of successful network investigation. One step at a time, they demonstrate how to recover usable forensic evidence from firewalls, web proxies, IDS, routers, wireless access points, and even raw packet captures.

Coverage includes:
- Understanding the unique challenges associated with network investigation
- Mastering the state-of-the-art OSCAR Network Forensics Investigative Methodology
- Acquiring evidence passively, actively, and interactively
- Aggregating, correlating, and analyzing event logs
- Investigating compromised encryption and SSL interception
- And much more

Every section contains a real-world case study, and the book culminates with a "Capstone" case study walking through an entire investigation from start to finish, and challenging readers to solve the crime themselves.