
Joe Fichera - Network Intrusion Analysis: Methodologies, Tools, and Techniques for Incident Analysis and Response

Year: 2012. Publisher: Syngress. Genre: Computer.



Nearly every business depends on its network to provide information services to carry out essential activities, and network intrusion attacks have been growing increasingly frequent and severe. When network intrusions do occur, it's imperative that a thorough and systematic analysis and investigation of the attack is conducted to determine the nature of the threat and the extent of information lost, stolen, or damaged during the attack. A thorough and timely investigation and response can serve to minimize network downtime and ensure that critical business systems are maintained in full operation.

Network Intrusion Analysis teaches the reader about the various tools and techniques to use during a network intrusion investigation. The book focuses on the methodology of an attack as well as the investigative methodology, challenges, and concerns. This is the first book that provides such a thorough analysis of network intrusion investigation and response.

Network Intrusion Analysis addresses the entire process of investigating a network intrusion by:

* Providing a step-by-step guide to the tools and techniques used in the analysis and investigation of a network intrusion.
* Providing real-world examples of network intrusions, along with associated workarounds.
* Walking you through the methodology and practical steps needed to conduct a thorough intrusion investigation and incident response, including a wealth of practical, hands-on tools for incident assessment and mitigation.


Network Intrusion Analysis
Methodologies, Tools, and Techniques for Incident Analysis and Response

Joe Fichera

Steven Bolt

Copyright
Acquiring Editor: Chris Katsaropolous
Development Editor: Meagan White
Project Manager: Priya Kumaraguruparan
Designer: Joanne Blank

Syngress is an imprint of Elsevier

225 Wyman Street, Waltham, MA 02451, USA

Copyright © 2012 Elsevier, Inc. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.

This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).

Notices

Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.

To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.

Library of Congress Cataloging-in-Publication Data

Application submitted

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library.

ISBN: 978-1-59749-962-0

Printed in the United States of America

13 14 15 10 9 8 7 6 5 4 3 2 1

For information on all Syngress publications visit our website at www.syngress.com

Acknowledgement

This book would not have been possible without the love and support from our families. It goes without saying that they are our inspiration for everything we do. We would not be where we are today in our careers without them.

We also need to thank all the people we have worked with in the past. There is not a single one who we have not learned something from. We have encountered countless talented people in this industry and they should all be applauded for their hard work and dedication. We have yet to meet someone in this line of business that is no longer striving to learn more or enhance their own skillset. This even holds true for the former inhabitants of the cave.

Preface

The idea to write this book came as a result of developing curriculum at the Defense Cyber Investigations Training Academy. It occurred to us that there were not any published books on Intrusion Investigations. There are plenty of great books about Computer Forensics, Registry Analysis, Penetration Testing, Network Security and Hacking. A reader could read a majority of these books and have a good idea of what an intrusion investigation would entail. There are courses that one could take on intrusion investigations as well. The intent of this book is to introduce the reader to the core principles and steps of an intrusion investigation. Our hope is that the reader will take the material provided and continue to build upon it. We really only scratched the surface and there is a lot more to learn. One book could never cover every tool, application, technique or type of intrusion. What we did cover is a solid foundation and methodology that can be built upon and adapted to the reader's needs. One thing that this book will not do is provide a checklist of steps to take. Throughout both our careers, we have often been asked to produce such a list. Throughout our careers we have vehemently refused to produce such a list. Why? Although having a list of potential tools to use and procedures to run can help remind you of your options, following a list is never advised. An investigator needs to be able to adapt to the situation. Not every intrusion, network and incident will be the same. There is no cookie-cutter, step-by-step process that you can use. To be effective and successful at this job, you must have a large variety of tools, tricks and techniques at your disposal. You will need to remain competent in their use. If you decide to create your own list, that is your decision.

Intended Audience

This book is intended for anyone with an interest in network intrusion investigations. A new investigator can take the techniques and build upon them. A network administrator or security professional can gain insight into what an incident responder and/or intrusion investigator will need from them when an intrusion does occur. A computer forensic analyst can expand their own skillset in order to provide more services to their clients or advance their career. This book could also prove valuable for anyone who is responsible for any aspect of a network's security.

Organization of this book

This book is organized by each stage of an investigation. The thing to remember is that even though we cover each stage in a particular order, that does not mean that every investigation will flow in that order. An investigation can be initiated at any one of these stages. The evidence you find will lead to one stage or another. Again, you will simply have to be flexible enough to adapt. Oftentimes, you will find that you need to revisit a stage that you had previously analyzed. As an example, you may have to go back to a host machine and locate registry keys that were discovered as a result of the malware analysis.

The process begins in Chapter 2, where we will walk through a simple intrusion. We will monitor the network traffic for later analysis.

In Chapter 3, we focus on Incident Response and the related considerations. We discuss creating your own toolset. We also take a look at two commercial products.

Chapter 4 discusses analyzing the volatile data that would have been collected in Chapter 3. This includes memory analysis. Again, numerous tools are explored.

In Chapter 5, we explore the network analysis techniques, tools and considerations.

Chapter 6 provides an overview of a host analysis. We look at a number of tools that provide the ability to analyze a portion of the host. We also discuss the all-inclusive common commercial tools.

Chapter 7 introduces the reader to basic malware analysis. This chapter is meant as an introduction to a very complex subject.
