Network Intrusion Analysis
Methodologies, Tools, and Techniques for Incident Analysis and Response
- Steven Bolt is a Computer Forensics Leader and Instructor at the Defense Cyber Investigations Training Academy. He provides instruction and guidance to support the criminal investigators of the DoD and other federal investigators.
- Joe Fichera is a Certified Computer Examiner (CCE) and member of the ISFCE. He also holds EnCE, ACE, CTT+, SCNS, A+, Network+, and MCP certifications.
Network Intrusion Analysis teaches the reader about the various tools and techniques to use during a network intrusion investigation. The book focuses on the methodology of an attack as well as the investigative methodology, challenges, and concerns. This is the first book that provides such a thorough analysis of network intrusion investigation and response.
Network Intrusion Analysis addresses the entire process of investigating a network intrusion by:
- Providing a step-by-step guide to the tools and techniques used in the analysis and investigation of a network intrusion.
- Providing real-world examples of network intrusions, along with associated workarounds.
- Walking you through the methodology and practical steps needed to conduct a thorough intrusion investigation and incident response, including a wealth of practical, hands-on tools for incident assessment and mitigation.
Professionals (Network Administrators, IT Managers, Security Managers, Security Analysts, Directors of Security, etc.) IT Security Professionals (Security Auditors, Security Engineers, Compliance Specialists, etc.).
- Published: April 2006
- Imprint: SYNGRESS
- ISBN: 978-1-59749-962-0
Not only does this book teach you about network intrusion analysis, it also gives you knowledge of how intrusions are performed. This inside information helps give you a better picture of what's really going on when you are investigating a compromise. -Derrick Rountree, CISSP, CASP, MCSE
Table of Contents
Chapter 1. Intrusion Analysis Methodology
Chapter 2. Intrusion Methodologies and Artifacts
Chapter 3. Incident Response
Chapter 4. Volatile Data Analysis
Chapter 5. Network Analysis
Chapter 6. Host-Based Analysis
Chapter 7. Malware Analysis
Chapter 8. Finalizing the Analysis