“This is a must-have for anyone in the field of information security, forensic electronic analysis or involved in incident management. As we move away from the traditional disk-based analysis into cloud interconnectivity, Sherri and Jonathan have created a framework and a roadmap that will act as a basic work in this developing field.”
On the Internet, each action leaves a mark: in routers, firewalls, internet proxy servers and within network traffic. When a hacker breaks into a bank or an insider passes secrets to a competitor, evidence of the crime is always left behind.
Learn to recognize the clues hackers leave and discover network-based evidence in Network Forensics: Hacker Tracking Through Cyberspace. Extract suspicious attachments from packet captures. Use flow logs to track an intruder as they pivot through the network. Analyze a real-world wireless encryption cracking attack (and then crack the key yourself). Reconstruct a suspect's web browsing history (and cached web pages as well) from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, captured on the wire.
About the Author
Sherri Davidoff is a founder of LMG Security, a consulting and research company in information security. Her specialties include network penetration tests, digital forensic analysis, social engineering tests and web application evaluations. She holds her S.B. in Computer Science and Electrical Engineering from MIT.