| 000 -LEADER |
|---|
| fixed length control field |
a |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
250306b xxu||||| |||| 00| 0 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9798868807411 |
| 082 ## - DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Classification number |
005.3 |
| Item number |
CAR |
| 100 ## - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Cardwell, Kevin |
| 245 ## - TITLE STATEMENT |
|---|
| Title |
Tactical Wireshark : A Deep Dive into Intrusion Analysis, Malware Incidents, and Extraction of Forensic Evidence |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
|---|
| Name of publisher, distributor, etc |
Apress, |
| Date of publication, distribution, etc |
2023 |
| Place of publication, distribution, etc |
New York : |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
xv, 462 p. ; |
| Other physical details |
ill., (b & w), |
| Dimensions |
26 cm |
| 365 ## - TRADE PRICE |
|---|
| Price amount |
1799.00 |
| Price type code |
₹ |
| Unit of pricing |
01 |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE |
|---|
| Bibliography, etc |
Includes index. |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc |
Take a systematic approach at identifying intrusions that range from the most basic to the most sophisticated, using Wireshark, an open source protocol analyzer. This book will show you how to effectively manipulate and monitor different conversations and perform statistical analysis of these conversations to identify the IP and TCP information of interest. Next, you'll be walked through a review of the different methods malware uses, from inception through the spread across and compromise of a network of machines. The process from the initial “click” through intrusion, the characteristics of Command and Control (C2), and the different types of lateral movement will be detailed at the packet level. In the final part of the book, you'll explore the network capture file and identification of data for a potential forensics extraction, including inherent capabilities for the extraction of objects such as file data and other corresponding components in support of a forensics investigation. After completing this book, you will have a complete understanding of the process of carving files from raw PCAP data within the Wireshark tool. You will: Use Wireshark to identify intrusions into a network Exercise methods to uncover network data even when it is in encrypted form Analyze malware Command and Control (C2) communications and identify IOCs Extract data in a forensically sound manner to support investigations Leverage capture file statistics to reconstruct network events. |
| 650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Computer networks |
|
|---|
| Topical term or geographic name as entry element |
Computer security |
|
|---|
| Topical term or geographic name as entry element |
Customization of the Wireshark Interface |
|
|---|
| Topical term or geographic name as entry element |
Capturing Network Traffic |
|
|---|
| Topical term or geographic name as entry element |
Interpreting Network Protocols |
|
|---|
| Topical term or geographic name as entry element |
Network Attacks |
|
|---|
| Topical term or geographic name as entry element |
Effective Network Traffic Filtering |
|
|---|
| Topical term or geographic name as entry element |
Network Traffic Forensics |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Source of classification or shelving scheme |
|
| Item type |
Books |