MARC details
| 000 -LEADER |
|---|
| fixed length control field |
05792cam a2200361Ii 4500 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9781119329176 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
1119329175 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9781119329190 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
1119329191 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9781119329183 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
1119329183 |
| 040 ## - CATALOGING SOURCE |
|---|
| Transcribing agency |
CUS |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Messier, Ric, |
| 245 10 - TITLE STATEMENT |
|---|
| Title |
Network forensics / |
| Statement of responsibility, etc. |
Ric Messier. |
| 260 #1 - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
|---|
| Place of publication, distribution, etc. |
Indianapolis, IN : |
| Name of publisher, distributor, etc. |
Wiley, |
| Date of publication, distribution, etc. |
2017. |
| 300 ## - DESCRIPTION |
|---|
| Extent |
1 online resource : |
| 505 0# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Cover; Title Page; Copyright; About the Author; About the Technical Editor; Credits; Contents; Introduction; What This Book Covers; How to Use This Book; How This Book Is Organized; Chapter 1: Introduction to Network Forensics; What Is Forensics?; Handling Evidence; Cryptographic Hashes; Chain of Custody; Incident Response; The Need for Network Forensic Practitioners; Summary; References; Chapter 2: Networking Basics; Protocols; Open Systems Interconnection (OSI) Model; TCP/IP Protocol Suite; Protocol Data Units; Request for Comments; Internet Registries; Internet Protocol and Addressing |
| 505 8# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Internet Protocol AddressesInternet Control Message Protocol (ICMP); Internet Protocol Version 6 (IPv6); Transmission Control Protocol (TCP); Connection-Oriented Transport; User Datagram Protocol (UDP); Connectionless Transport; Ports; Domain Name System; Support Protocols (DHCP); Support Protocols (ARP); Summary; References; Chapter 3: Host-Side Artifacts; Services; Connections; Tools; netstat; nbstat; ifconfig/ipconfig; Sysinternals; ntop; Task Manager/Resource Monitor; ARP; /proc Filesystem; Summary; Chapter 4: Packet Capture and Analysis; Capturing Packets; Tcpdump/Tshark; Wireshark; Taps |
| 505 8# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Port SpanningARP Spoofing; Passive Scanning; Packet Analysis with Wireshark; Packet Decoding; Filtering; Statistics; Following Streams; Gathering Files; Network Miner; Summary; Chapter 5: Attack Types; Denial of Service Attacks; SYN Floods; Malformed Packets; UDP Floods; Amplification Attacks; Distributed Attacks; Backscatter; Vulnerability Exploits; Insider Threats; Evasion; Application Attacks; Summary; Chapter 6: Location Awareness; Time Zones; Using whois; Traceroute; Geolocation; Location-Based Services; WiFi Positioning; Summary; Chapter 7: Preparing for Attacks; NetFlow; Logging |
| 505 8# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
SyslogWindows Event Logs; Firewall Logs; Router and Switch Logs; Log Servers and Monitors; Antivirus; Incident Response Preparation; Google Rapid Response; Commercial Offerings; Security Information and Event Management; Summary; Chapter 8: Intrusion Detection Systems; Detection Styles; Signature-Based; Heuristic; Host-Based versus Network-Based; Snort; Suricata and Sagan; Bro; Tripwire; OSSEC; Architecture; Alerting; Summary; Chapter 9: Using Firewall and Application Logs; Syslog; Centralized Logging; Reading Log Messages; LogWatch; Event Viewer; Querying Event Logs; Clearing Event Logs |
| 505 8# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Firewall LogsProxy Logs; Web Application Firewall Logs; Common Log Format; Summary; Chapter 10: Correlating Attacks; Time Synchronization; Time Zones; Network Time Protocol; Packet Capture Times; Log Aggregation and Management; Windows Event Forwarding; Syslog; Log Management Offerings; Timelines; Plaso; PacketTotal; Wireshark; Security Information and Event Management; Summary; Chapter 11: Network Scanning; Port Scanning; Operating System Analysis; Scripts; Banner Grabbing; Ping Sweeps; Vulnerability Scanning; Port Knocking; Tunneling; Passive Data Gathering; Summary |
| 650 #0 - SUBJECT |
|---|
| Keyword |
Computer networks |
| 650 #0 - SUBJECT |
|---|
| Keyword |
Internet |
| 650 #7 - SUBJECT |
|---|
| Keyword |
COMPUTERS / Security / General |
| 650 #7 - SUBJECT |
|---|
| Keyword |
Computer networks |
| 650 #7 - SUBJECT |
|---|
| Keyword |
Internet |
| 856 40 - ONLINE RESOURCES |
|---|
| url |
https://doi.org/10.1002/9781119329190 |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Koha item type |
e-Books |
