MARC details
000 -LEADER |
fixed length control field |
05792cam a2200361Ii 4500 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
9781119329176 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
1119329175 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
9781119329190 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
1119329191 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
9781119329183 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
1119329183 |
040 ## - CATALOGING SOURCE |
Transcribing agency |
CUS |
100 1# - MAIN ENTRY--PERSONAL NAME |
Personal name |
Messier, Ric, |
245 10 - TITLE STATEMENT |
Title |
Network forensics / |
Statement of responsibility, etc. |
Ric Messier. |
260 #1 - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
Place of publication, distribution, etc. |
Indianapolis, IN : |
Name of publisher, distributor, etc. |
Wiley, |
Date of publication, distribution, etc. |
2017. |
300 ## - DESCRIPTION |
Extent |
1 online resource : |
505 0# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Cover; Title Page; Copyright; About the Author; About the Technical Editor; Credits; Contents; Introduction; What This Book Covers; How to Use This Book; How This Book Is Organized; Chapter 1: Introduction to Network Forensics; What Is Forensics?; Handling Evidence; Cryptographic Hashes; Chain of Custody; Incident Response; The Need for Network Forensic Practitioners; Summary; References; Chapter 2: Networking Basics; Protocols; Open Systems Interconnection (OSI) Model; TCP/IP Protocol Suite; Protocol Data Units; Request for Comments; Internet Registries; Internet Protocol and Addressing |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Internet Protocol Addresses; Internet Control Message Protocol (ICMP); Internet Protocol Version 6 (IPv6); Transmission Control Protocol (TCP); Connection-Oriented Transport; User Datagram Protocol (UDP); Connectionless Transport; Ports; Domain Name System; Support Protocols (DHCP); Support Protocols (ARP); Summary; References; Chapter 3: Host-Side Artifacts; Services; Connections; Tools; netstat; nbstat; ifconfig/ipconfig; Sysinternals; ntop; Task Manager/Resource Monitor; ARP; /proc Filesystem; Summary; Chapter 4: Packet Capture and Analysis; Capturing Packets; Tcpdump/Tshark; Wireshark; Taps |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Port Spanning; ARP Spoofing; Passive Scanning; Packet Analysis with Wireshark; Packet Decoding; Filtering; Statistics; Following Streams; Gathering Files; Network Miner; Summary; Chapter 5: Attack Types; Denial of Service Attacks; SYN Floods; Malformed Packets; UDP Floods; Amplification Attacks; Distributed Attacks; Backscatter; Vulnerability Exploits; Insider Threats; Evasion; Application Attacks; Summary; Chapter 6: Location Awareness; Time Zones; Using whois; Traceroute; Geolocation; Location-Based Services; WiFi Positioning; Summary; Chapter 7: Preparing for Attacks; NetFlow; Logging |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Syslog; Windows Event Logs; Firewall Logs; Router and Switch Logs; Log Servers and Monitors; Antivirus; Incident Response Preparation; Google Rapid Response; Commercial Offerings; Security Information and Event Management; Summary; Chapter 8: Intrusion Detection Systems; Detection Styles; Signature-Based; Heuristic; Host-Based versus Network-Based; Snort; Suricata and Sagan; Bro; Tripwire; OSSEC; Architecture; Alerting; Summary; Chapter 9: Using Firewall and Application Logs; Syslog; Centralized Logging; Reading Log Messages; LogWatch; Event Viewer; Querying Event Logs; Clearing Event Logs |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Firewall Logs; Proxy Logs; Web Application Firewall Logs; Common Log Format; Summary; Chapter 10: Correlating Attacks; Time Synchronization; Time Zones; Network Time Protocol; Packet Capture Times; Log Aggregation and Management; Windows Event Forwarding; Syslog; Log Management Offerings; Timelines; Plaso; PacketTotal; Wireshark; Security Information and Event Management; Summary; Chapter 11: Network Scanning; Port Scanning; Operating System Analysis; Scripts; Banner Grabbing; Ping Sweeps; Vulnerability Scanning; Port Knocking; Tunneling; Passive Data Gathering; Summary |
650 #0 - SUBJECT |
Keyword |
Computer networks |
650 #0 - SUBJECT |
Keyword |
Internet |
650 #7 - SUBJECT |
Keyword |
COMPUTERS / Security / General |
650 #7 - SUBJECT |
Keyword |
Computer networks |
650 #7 - SUBJECT |
Keyword |
Internet |
856 40 - ONLINE RESOURCES |
url |
https://doi.org/10.1002/9781119329190 |
942 ## - ADDED ENTRY ELEMENTS (KOHA) |
Koha item type |
e-Books |