Автор: Cardwell Название: Tactical Wireshark ISBN: 1484292901 ISBN-13(EAN): 9781484292907 Издательство: Springer Рейтинг: Цена: 7317.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Описание: Take a systematic approach at identifying intrusions that range from the most basic to the most sophisticated, using Wireshark, an open source protocol analyzer. This book will show you how to effectively manipulate and monitor different conversations and perform statistical analysis of these conversations to identify the IP and TCP information of interest. Next, you'll be walked through a review of the different methods malware uses, from inception through the spread across and compromise of a network of machines. The process from the initial “click” through intrusion, the characteristics of Command and Control (C2), and the different types of lateral movement will be detailed at the packet level. In the final part of the book, you'll explore the network capture file and identification of data for a potential forensics extraction, including inherent capabilities for the extraction of objects such as file data and other corresponding components in support of a forensics investigation. After completing this book, you will have a complete understanding of the process of carving files from raw PCAP data within the Wireshark tool. What You Will Learn * Use Wireshark to identify intrusions into a network * Exercise methods to uncover network data even when it is in encrypted form * Analyze malware Command and Control (C2) communications and identify IOCs * Extract data in a forensically sound manner to support investigations * Leverage capture file statistics to reconstruct network events Who This Book Is For Network analysts, Wireshark analysts, and digital forensic analysts.
Автор: Chappell Laura Название: Wireshark Workbook 1: Practice, Challenges, and Solutions ISBN: 1893939642 ISBN-13(EAN): 9781893939646 Издательство: Неизвестно Рейтинг: Цена: 6890.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Описание:
Wireshark is the world's most popular network analyzer solution. Used for network troubleshooting, forensics, optimization and more, Wireshark is considered one of the most successful open source projects of all time.
Laura Chappell has been involved in the Wireshark project since its infancy (when it was called Ethereal) and is considered the foremost authority on network protocol analysis and forensics using Wireshark.
This book consists of 16 labs and is based on the format Laura introduced to trade show audiences over ten years ago through her highly acclaimed "Packet Challenges." This book gives you a chance to test your knowledge of Wireshark and TCP/IP communications analysis by posing a series of questions related to a trace file and then providing Laura's highly detailed step-by-step instructions showing how Laura arrived at the answers to the labs.
Book trace files and blank Answer Sheets can be downloaded from this book's supplement page (see https: //www.chappell-university.com/books).
Lab 1: Wireshark Warm-Up Objective: Get Comfortable with the Lab Process. Completion of this lab requires many of the skills you will use throughout this lab book. If you are a bit shaky on any answer, take time when reviewing the answers to this lab to ensure you have mastered the necessary skill(s).
Lab 2: Proxy Problem Objective: Examine issues that relate to a web proxy connection problem.
Lab 3: HTTP vs. HTTPS Objective: Analyze and compare HTTP and HTTPS communications and errors using inclusion and field existence filters.
Lab 4: TCP SYN Analysis Objective: Filter on and analyze TCP SYN and SYN/ACK packets to determine the capabilities of TCP peers and their connections.
Lab 5: TCP SEQ/ACK Analysis Objective: Examine and analyze TCP sequence and acknowledgment numbering and Wireshark's interpretation of non-sequential numbering patterns.
Lab 6: You're Out of Order Objective: Examine Wireshark's process of distinguishing between out-of-order packets and retransmissions and identify mis-identifications.
Lab 7: Sky High Objective: Examine and analyze traffic captured as a host was redirected to a malicious site.
Lab 8: DNS Warm-Up Objective: Examine and analyze DNS name resolution traffic that contains canonical name and multiple IP address responses.
Lab 9: Hacker Watch Objective: Analyze TCP connections and FTP command and data channels between hosts.
Lab 10: Timing is Everything Objective: Analyze and compare path latency, name resolution, and server response times.
Lab 11: The News Objective: Analyze capture location, path latency, response times, and keepalive intervals between an HTTP client and server.
Lab 12: Selective ACKs Objective: Analyze the process of establishing Selective acknowledgment (SACK) and using SACK during packet loss recovery.
Lab 13: Just DNS Objective: Analyze, compare, and contrast various DNS queries and responses to identify errors, cache times, and CNAME (alias) information.
Lab 14: Movie Time Objective: Use various display filter types, including regular expressions (regex), to analyze HTTP redirections, end-of-field values, object download times, errors, response times and more.
Lab 15: Crafty Objective: Practice your display filter skills using "contains" operators, ASCII filters, and inclusion/exclusion filters, while analyzing TCP and HTTP performance parameters.
Lab 16: Pattern Recognition Objective: Focus on TCP conversations and endpoints while analyzing TCP sequence numbers, Window Scaling, keep-alive, and Selective Acknowledgment capabilities.
Автор: Baxter James H., Orzach Yoram, Mishra Charit Название: Wireshark Revealed: Essential Skills for IT Professionals ISBN: 1788833228 ISBN-13(EAN): 9781788833226 Издательство: Неизвестно Рейтинг: Цена: 18390.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Автор: Nath Anish Название: Packet Analysis with Wireshark ISBN: 1785887815 ISBN-13(EAN): 9781785887819 Издательство: Неизвестно Рейтинг: Цена: 7539.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Автор: Mishra Charit Название: Mastering Wireshark ISBN: 1783989521 ISBN-13(EAN): 9781783989522 Издательство: Неизвестно Рейтинг: Цена: 10666.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Автор: Crouthamel Andrew Название: Mastering Wireshark 2 ISBN: 1788626524 ISBN-13(EAN): 9781788626521 Издательство: Неизвестно Цена: 8458.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Описание: Wireshark, a combination of Kali and Metasploit, deals with the second to the seventh layer of network protocols. The book will introduce to various protocol analysis methods and will teach you how to analyze them. You will discover and work with some advanced features which will enhance the capabilities of your application. By the end, you ...
Автор: D. Singh Glen Название: Learn Kali Linux 2019 ISBN: 1789611806 ISBN-13(EAN): 9781789611809 Издательство: Неизвестно Рейтинг: Цена: 7539.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Описание: The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.
Автор: Chappell, Laura (Author), Aragon, James (Editor), Название: Troubleshooting with Wireshark: Locate the Source of Performance Problems ISBN: 1893939979 ISBN-13(EAN): 9781893939974 Издательство: Неизвестно Рейтинг: Цена: 6890.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Описание: Whether you are a Wireshark newbie or an experienced Wireshark user, this book streamlines troubleshooting techniques used by Laura Chappell in her 20+ years of network analysis experience. Learn insider tips and tricks to quickly detect the cause of poor network performance. This book consists of troubleshooting labs to walk you through the process of measuring client/server/network delays, detecting application error responses, catching delayed responses, locating the point of packet loss, spotting TCP receiver congestion, and more. Key topics include: path delays, client delays, server delays, connection refusals, service refusals, receive buffer overload, rate throttling, packet loss, redirections, queueing along a path, resolution failures, small MTU sizes, port number reuse, missing support for TCP SACK/Window Scaling, misbehaving infrastructure devices, weak signals (WLAN), and more. Book supplements include sample trace files, Laura's Wireshark troubleshooting profile, and a troubleshooting checklist.
Описание: Reflecting the latest developments and emerging trends from the field, COMPTIA SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS, Seventh Edition, helps you prepare for professional certification -- and career success. The text fully maps to the new CompTIA Security+ SY0-601 Certification Exam, providing thorough coverage of all domain objectives. In addition to its comprehensive coverage of the fundamental essentials of network and computer security, the seventh edition includes expanded coverage of security evaluations, embedded device and Internet of Things (IoT) security, and cloud and virtualization security.
Practical, Hands-On Projects, case activities and online virtual labs help you put what you learn into real-world practice, while the innovative Information Security Community Site connects you to up-to-the-minute news and insights from the information security field.
Автор: Nainar Название: Wireshark for Network Forensics ISBN: 1484290003 ISBN-13(EAN): 9781484290002 Издательство: Springer Рейтинг: Цена: 7317.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Описание: With the advent of emerging and complex technologies, traffic capture and analysis play an integral part in the overall IT operation. This book outlines the rich set of advanced features and capabilities of the Wireshark tool, considered by many to be the de-facto Swiss army knife for IT operational activities involving traffic analysis. This open-source tool is available as CLI or GUI. It is designed to capture using different modes, and to leverage the community developed and integrated features, such as filter-based analysis or traffic flow graph view. You'll start by reviewing the basics of Wireshark, and then examine the details of capturing and analyzing secured application traffic such as SecureDNS, HTTPS, and IPSec. You'll then look closely at the control plane and data plane capture, and study the analysis of wireless technology traffic such as 802.11, which is the common access technology currently used, along with Bluetooth. You'll also learn ways to identify network attacks, malware, covert communications, perform security incident post mortems, and ways to prevent the same. The book further explains the capture and analysis of secure multimedia traffic, which constitutes around 70% of all overall internet traffic. Wireshark for Network Forensics provides a unique look at cloud and cloud-native architecture-based traffic capture in Kubernetes, Docker-based, AWS, and GCP environments. What You'll Learn * Review Wireshark analysis and network forensics * Study traffic capture and its analytics from mobile devices * Analyze various access technology and cloud traffic * Write your own dissector for any new or proprietary packet formats * Capture secured application traffic for analysis Who This Book Is For IT Professionals, Cloud Architects, Infrastructure Administrators, and Network/Cloud Operators
Автор: Verma Piyush Название: Wireshark Network Security ISBN: 1784393339 ISBN-13(EAN): 9781784393335 Издательство: Неизвестно Рейтинг: Цена: 8458.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
Автор: Orzach Yoram Название: Network Analysis Using Wireshark Cookbook ISBN: 1849517649 ISBN-13(EAN): 9781849517645 Издательство: Неизвестно Рейтинг: Цена: 10666.00 р. Наличие на складе: Есть у поставщика Поставка под заказ.
ООО "Логосфера " Тел:+7(495) 980-12-10 www.logobook.ru
