Author Description

<i>“This is a must-have work for anybody in information security, digital forensics, or involved with incident handling. As we move away from traditional disk-based analysis into the interconnectivity of the cloud, Sherri and Jonathan have created a framework and roadmap that will act as a seminal work in this developing field.”</i> <p style="margin:0px;">– Dr. Craig S. Wright (GSE), Asia Pacific Director at Global Institute for Cyber Security + Research.</p> <p style="margin:0px;">&nbsp;</p> <p style="margin:0px;" msonormal"=""i“It’s like a symphony meeting an encyclopedia meeting a spy novel.”/i/p p style="margin:0px;"–Michael Ford, Corero Network Security/p p style="margin:0px;"&nbsp;/p p style="margin:0px;" msonormal"="">On the Internet, every action leaves a mark–in routers, firewalls, web proxies, and within network traffic itself. When a hacker breaks into a bank, or an insider smuggles secrets to a competitor, evidence of the crime is always left behind.</p> <p style="margin:0px;">&nbsp;</p> <p style="margin:0px;" msonormal"=""Learn to recognize hackers’ tracks and uncover network-based evidence in biNetwork Forensics: Tracking Hackers through Cyberspace./i/bCarve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history–and cached web pages, too–from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire./p p style="margin:0px;"&nbsp;/p p style="margin:0px;" msonormal"="">Throughout the text, step-by-step case studies guide you through the analysis of network-based evidence. You can download the evidence files from the authors’ web site (lmgsecurity.com), and follow along to gain hands-on experience.</p> <p style="margin:0px;">&nbsp;</p>