
Network Forensics: Tracking Hackers through Cyberspace Hardcover – June 23, 2012

ISBN-13: 978-0132564717 ISBN-10: 0132564718 Edition: 1st


Product Details

  • Hardcover: 576 pages
  • Publisher: Prentice Hall; 1 edition (June 23, 2012)
  • Language: English
  • ISBN-10: 0132564718
  • ISBN-13: 978-0132564717
  • Product Dimensions: 9.4 x 7.4 x 1.4 inches
  • Shipping Weight: 2.3 pounds
  • Average Customer Review: 4.5 out of 5 stars (20 customer reviews)
  • Amazon Best Sellers Rank: #125,748 in Books

Editorial Reviews

About the Author

Sherri Davidoff is a founder of LMG Security, an information security consulting and research firm. Her specialties include network penetration testing, digital forensics, social engineering testing, and web application assessments. She holds her S.B. in Computer Science and Electrical Engineering from MIT.

 

Jonathan Ham has been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than two thousand feet underground, taught intrusion analysis to the NSA, and chartered and trained the CIRT for one of the largest U.S. civilian federal agencies. He is a founder of LMG Security. His favorite field is ip[6:2].



Customer Reviews

4.5 out of 5 stars (20 customer reviews)

  • 5 star: 14
  • 4 star: 2
  • 3 star: 3
  • 2 star: 1
  • 1 star: 0

  • "Excellent material. Well done." (Lego Guy)
  • "Should be on every networking professional's bookshelf!" (David Barcelou)
  • "The author's writing style makes the book lively." (rpv)

Most Helpful Customer Reviews

33 of 33 people found the following review helpful By Ben Rothke on June 28, 2012
Format: Hardcover
With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel. But by page 25, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the space.

Authors Jonathan Ham and Sherri Davidoff are both SANS Institute instructors, and bring significant real-world experience to every chapter. Martin McKeay has an interview (albeit dated) with the authors on his web site here about their SANS course on network forensics.

In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.

While the book Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet provides a comprehensive overview of the topic, Network Forensics: Tracking Hackers through Cyberspace focuses on the packet level.

Part 2, which is about a third of the book, is spent on traffic analysis, with all-embracing coverage of concepts and topics such as statistical flow analysis, wireless traffic capture and analysis, NIDS detection and analysis, packet logging and more.

Readers should be very comfortable with Wireshark packet capture output, which the book extensively references. Those not quite comfortable with packet capture analysis will likely find this book way over their head.

Part 3 focuses on network devices and logging for all types of network devices. Detailed logging aspects for switches, routers and firewalls are dealt with.

The last 2 chapters deal with advanced topics such as network tunneling and malware forensics.
5 of 5 people found the following review helpful By Charles W. Hayes on December 23, 2012
Format: Hardcover Verified Purchase
Ok, this is a great scholarly text. If you've never used Wireshark or an Ethernet tap then you will be in for a treat and a lot of tools you haven't ever used before. Otherwise, this work is like most college texts, when the first few chapters are a "history of" and then it sort of goes to an explanation of the tools you need. I found several things I didn't know, and a few tips on actually hiding your traffic and obfuscating your internet mixed in the text. It's not Harry Potter, and sadly it didn't make me a wizard, but it's a great book for anyone interested in network forensics. For those who are hacker minded, this is basically a book of "this is how you can / will be caught" so, read it, know it, reverse it... and then see how much you can derive from your own traffic. The exercises seem to be aimed for a school / network which isn't really in existence, aka most of the "tests" are more... ok, look at the traffic patterns in the book, and figure out what you are looking for, instead of go to your computers and run this simulation. Overall, I'd give this book a 4 out of 5 stars, because they teach you how to watch the traffic and dissect it, yet give very little information on how to obfuscate your tracks. Then again, if they taught you how to do that, they'd be out of a job. :D
2 of 2 people found the following review helpful By John Gardener on June 15, 2013
Format: Hardcover
This is well-written, and easy to read. Good footnotes. It starts with foundational stuff, moves on to a very good discussion of traffic analysis, network devices and detailed logging, and advanced stuff including malware, and tunneling. Several useful case studies. Lots of stuff on packet analysis. Supplements at the authors' website are good. It is dense, but easy enough to read, even with a massive page count. It covers most of network forensics. You do want to be familiar with Wireshark.
2 of 2 people found the following review helpful By E. Rahman on June 9, 2013
Format: Hardcover
Love this book. Davidoff and Ham have done an excellent job of making a whole range of very technical network security topics accessible, even to complete newcomers new to the field.

Great step by step guide on how to analyze networks and detect anomalies within them. Highly Recommended.
3 of 4 people found the following review helpful By Dr Anton Chuvakin on September 11, 2013
Format: Hardcover
So, I spent way too much time reading this book since it just didn't flow well for me.
The goods: examples, depth of content in some areas
The bads: no coverage of actual (narrowly defined) network forensics, dry style
Personally, I'd recommend this book to people who need to learn how to deal with packets and need lots of examples with explanations and workflows.
By Dawn Caron on April 27, 2014
Format: Hardcover Verified Purchase
Love this field and love this book. The cover picture is pretty cool as well. This was chosen for an additional read to my college classes.
By Erica Quarles on March 20, 2014
Format: Hardcover Verified Purchase
It is a must have book that should be in everyone's forensic library. It explains topics very well and you feel that you are at the top of your game.
Format: Hardcover
This book is extremely well written. You read it and you get a feeling of clarity and organization within a topic that is really messy and shifting.

To read this you should be aware of a few computer-science-y things first, like knowing what various protocols are, or you might find it too technical. You don't need to be a super-hacker -- just someone who knows as much as a sysadmin should know.
