001463393 000__ 04419cam\a22005897i\4500
001463393 001__ 1463393
001463393 003__ OCoLC
001463393 005__ 20230601003318.0
001463393 006__ m\\\\\o\\d\\\\\\\\
001463393 007__ cr\cn\nnnunnun
001463393 008__ 230421s2023\\\\nyu\\\\\o\\\\\001\0\eng\d
001463393 019__ $$a1376232706
001463393 020__ $$a9781484292914$$q(electronic bk.)
001463393 020__ $$a148429291X$$q(electronic bk.)
001463393 020__ $$z1484292901
001463393 020__ $$z9781484292907
001463393 0247_ $$a10.1007/978-1-4842-9291-4$$2doi
001463393 035__ $$aSP(OCoLC)1376834530
001463393 040__ $$aGW5XE$$beng$$erda$$epn$$cGW5XE$$dYDX$$dUKAHL$$dYDX$$dORMDA
001463393 049__ $$aISEA
001463393 050_4 $$aQA76.9.A25$$bC37 2023
001463393 08204 $$a005.8/3$$223/eng/20230421
001463393 1001_ $$aCardwell, Kevin,$$eauthor.
001463393 24510 $$aTactical Wireshark :$$ba deep dive into intrusion analysis, malware incidents, and extraction of forensic evidence /$$cKevin Cardwell.
001463393 264_1 $$aNew York, NY :$$bApress,$$c2023.
001463393 300__ $$a1 online resource (382 pages) :$$billustrations (black and white, and color).
001463393 336__ $$atext$$btxt$$2rdacontent
001463393 337__ $$acomputer$$bc$$2rdamedia
001463393 338__ $$aonline resource$$bcr$$2rdacarrier
001463393 500__ $$aIncludes index.
001463393 5050_ $$aChapter 01: Customization of the Wireshark Interface -- Chapter 02: Capturing Network Traffic -- Chapter 03: Interpreting Network Protocols -- Chapter 04: Analysis of Network Attacks -- Chapter 05: Effective Network Traffic Filtering -- Chapter 06: Advanced Features of Wireshark -- Chapter 07: Scripting and interacting with Wireshark -- Chapter 08: Basic Malware Traffic Analysis -- Chapter 09: Analyzing Encoding, Obfuscated and ICS Malware Traffic -- Chapter 10: Dynamic Malware Network Activities -- Chapter 11: Extractions of Forensic Data with Wireshark -- Chapter 12: Network Traffic Forensics -- Chapter 13: Conclusion.
001463393 506__ $$aAccess limited to authorized users.
001463393 520__ $$aTake a systematic approach to identifying intrusions that range from the most basic to the most sophisticated, using Wireshark, an open source protocol analyzer. This book will show you how to effectively manipulate and monitor different conversations and perform statistical analysis of these conversations to identify the IP and TCP information of interest. Next, you'll be walked through a review of the different methods malware uses, from inception through the spread across and compromise of a network of machines. The process from the initial click through intrusion, the characteristics of Command and Control (C2), and the different types of lateral movement will be detailed at the packet level. In the final part of the book, you'll explore the network capture file and identification of data for a potential forensics extraction, including inherent capabilities for the extraction of objects such as file data and other corresponding components in support of a forensics investigation. After completing this book, you will have a complete understanding of the process of carving files from raw PCAP data within the Wireshark tool. You will: Use Wireshark to identify intrusions into a network; Exercise methods to uncover network data even when it is in encrypted form; Analyze malware Command and Control (C2) communications and identify IOCs; Extract data in a forensically sound manner to support investigations; Leverage capture file statistics to reconstruct network events.
001463393 588__ $$aDescription based on print version record.
001463393 650_0 $$aComputer security.
001463393 650_0 $$aComputer networks.
001463393 655_0 $$aElectronic books.
001463393 77608 $$iPrint version:$$aCARDWELL, KEVIN.$$tTACTICAL WIRESHARK.$$d[Place of publication not identified] : APRESS, 2023$$z1484292901$$w(OCoLC)1366075828
001463393 852__ $$bebk
001463393 85640 $$3Springer Nature$$uhttps://univsouthin.idm.oclc.org/login?url=https://link.springer.com/10.1007/978-1-4842-9291-4$$zOnline Access$$91397441.1
001463393 909CO $$ooai:library.usi.edu:1463393$$pGLOBAL_SET
001463393 980__ $$aBIB
001463393 980__ $$aEBOOK
001463393 982__ $$aEbook
001463393 983__ $$aOnline
001463393 994__ $$a92$$bISE