Using Open Source Tools
De som köpt den här boken har ofta också köpt We, Programmers av Robert C Martin (häftad).
Köp båda 2 för 904 kr"... an extremely informative dive into the realm of network security data collection and analysis...well organized and thought through...I have only positive comments from my study." -The Ethical Hacker Network, Oct 31, 2014
Chris Sanders is a technology consultant, author, and trainer. Chris serves as senior information security analyst for the Department of Defense as contracted through EWA Government Systems, Inc. In this role Chris is responsible for the management of a team of intrusion detection system analysts examining public and classified networks. His book Practical Packet Analysis is widely respected as one of the best practical use books on its topic and has sold several thousand copies internationally. Along with this, Chris has written and co-written hundreds of articles on the topics centered on network security, packet analysis, intrusion detection, and general network administration. Chris also serves as a SANS mentor training students on intrusion detection in-depth and incident handling.
In 2008, Chris founded the Rural Technology Fund. The RTF is a 501(c)(3) non-profit organization designed to provide scholarship opportunities to students from rural areas pursuing careers in computer technology. The organization also promotes technology advocacy in rural areas through various support programs.
You can read more about Chris on his personal blog located at http://www.chrissanders.org where he posts information regarding his latest projects as well as various technical articles and product reviews
* Introduction to NSM * Driving Data Collection * The Sensor Platform * Full Packet Capture Data * Session Data * Protocol Metadata * Statistical Data * Indicators of Compromise * Target-Based Detection * Signature-Based Detection with Snort * Signature-Based Detection with Suricata * Anomaly-Based Detection with Bro * Early Warning AS&W with Honeypots * Packet Analysis * Friendly Intelligence * Hostile Intelligence * Differential Diagnosis of NSM Events * Incident Morbidity and Mortality * Malware Analysis for NSM