Intensively hands-on training for real-world network forensics Network Forensics provides a uniquely practical guide for IT and law enforcement professionals seeking a deeper understanding of cybersecurity. This book is hands-on all the way—by dissecting packets, you gain fundamental knowledge that only comes from experience. Real packet captures and log files demonstrate network traffic investigation, and the learn-by-doing approach relates the essential skills that traditional forensics investigators may not have. From network packet analysis to host artifacts to log analysis and beyond, this book emphasizes the critical techniques that bring evidence to light. Network forensics is a growing field, and is becoming increasingly central to law enforcement as cybercrime becomes more and more sophisticated. This book provides an unprecedented level of hands-on training to give investigators the skills they need. Investigate packet captures to examine network communications Locate host-based artifacts and analyze network logs Understand intrusion detection systems—and let them do the legwork Have the right architecture and systems in place ahead of an incident Network data is always changing, and is never saved in one place; an investigator must understand how to examine data over time, which involves specialized skills that go above and beyond memory, mobile, or data forensics. Whether you're preparing for a security certification or just seeking deeper training for a law enforcement or IT role, you can only learn so much from concept; to thoroughly understand something, you need to do it. Network Forensics provides intensive hands-on practice with direct translation to real-world application.
RIC MESSIER has been program director for various cyber-security and computer forensics programs at Champlain College. A veteran of the networking and computer security field since the early 1980s, he has worked at large Internet service providers and small software companies. He has been responsible for the development of numerous course materials, has served on incident response teams, and has been consulted on forensic investigations for large companies.
The hands-on training you need to develop vital network forensics skills As cybercrime grows ever more sophisticated, IT and law enforcement professionals have a constantly expanding need for up-to-the-minute skills in identifying, verifying, and preventing network attacks. Network forensics is a dynamic field, and practitioners need to stay on top of ever-evolving threats. To do this effectively, you need hands-on experience. Network Forensics not only teaches the concepts involved, but also lets you practice actually taking the necessary steps to expose vital evidence. Because network data is always changing and never saved in one place, the network forensic specialist must understand how to examine data over time. Network forensics expert Ric Messier provides what you need to know through the use of dissecting packets, using real packet captures and log files to demonstrate performing a forensic investigation on network traffic. You'll learn both the "why" and the "how," enabling you to quickly and easily apply your knowledge to actual situations on the job. Because Network Forensics lets you roll up your sleeves and really practice essential steps, you'll learn to: Investigate packet captures to identify network communications involved in an attack or crime Locate host-based artifacts left by network communications Use logs left behind by network services to correlate with packet captures Understand intrusion detection systems and use them for investigative work Prepare for an incident by having the right network architecture and systems in place