Network Forensics: Tracking Hackers through Cyberspace and over one million other books are available for Amazon Kindle. Learn more
Qty:1
  • List Price: $74.99
  • Save: $20.79 (28%)
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Network Forensics: Tracki... has been added to your Cart
+ $3.99 shipping
Used: Good | Details
Sold by -Daily Deals-
Condition: Used: Good
Comment: This Book is in Good Condition. Used Copy With Light Amount of Wear. 100% Guaranteed.
Access codes and supplements are not guaranteed with used items.
Sell yours for a Gift Card
We'll buy it for $21.70
Learn More
Trade in now
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Network Forensics: Tracking Hackers through Cyberspace Hardcover – June 23, 2012

ISBN-13: 978-0132564717 ISBN-10: 0132564718 Edition: 1st

Buy New
Price: $54.20
41 New from $43.43 21 Used from $38.28
Amazon Price New from Used from
Kindle
"Please retry"
Hardcover
"Please retry"
$54.20
$43.43 $38.28
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Spring Books
The Big Books of Spring
See our editors' picks for the books you'll want to read this season, from blockbusters and biographies to new fiction and children's books.
$54.20 FREE Shipping. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Network Forensics: Tracking Hackers through Cyberspace + The Practice of Network Security Monitoring: Understanding Incident Detection and Response + Rtfm: Red Team Field Manual
Price for all three: $99.43

Buy the selected items together
NO_CONTENT_IN_FEATURE

Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Hardcover: 576 pages
  • Publisher: Prentice Hall; 1 edition (June 23, 2012)
  • Language: English
  • ISBN-10: 0132564718
  • ISBN-13: 978-0132564717
  • Product Dimensions: 7 x 1.3 x 9.1 inches
  • Shipping Weight: 2.3 pounds (View shipping rates and policies)
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (22 customer reviews)
  • Amazon Best Sellers Rank: #75,356 in Books (See Top 100 in Books)

Editorial Reviews

About the Author

Sherri Davidoff is a founder of LMG Security, an information security consulting and research firm. Her specialties include network penetration testing, digital forensics, social engineering testing, and web application assessments. She holds her S.B. in Computer Science and Electrical Engineering from MIT.

 

Jonathan Ham has been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than two thousand feet underground, taught intrusion analysis to the NSA, and chartered and trained the CIRT for one of the largest U.S. civilian federal agencies. He is a founder of LMG Security. His favorite field is ip[6:2].

Customer Reviews

Excellent material. well done.
Lego Guy
This book has lot of case studies - e.g., statistical flow analysis in Chapter 5.
rpv
Should be on every networking professional's bookshelf!
David Barcelou

Most Helpful Customer Reviews

35 of 36 people found the following review helpful By Ben Rothke on June 28, 2012
Format: Hardcover
With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel. But by page 25, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the space.

Author's Jonathan Ham and Sherri Davidoff are both SANS Institute instructors, and bring significant real-world experience to every chapter. Martin McKeay has an interview (albeit dated) with the authors on his web site here about their SANS course on network forensics.

In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.

While the book Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet provides a comprehensive overview of the topic; Network Forensics: Tracking Hackers through Cyberspace focuses at the packet level.

Part 2, which is about a third of the book, is spent on traffic analysis, with all-embracing coverage of concepts and topics such as statistical flow analysis, wireless traffic capture and analysis, NIDS detection and analysis, packet logging and more.

Readers should be very comfortable with Wireshark packet capture output, which the book extensively references. Those not quite comfortable with packet capture analysis will likely find this book way over their head.

Part 3 focuses on network devices and logging for all types of network devices. Detailed logging aspects for switches, routers and firewalls are dealt with.

The last 2 chapters deal with advanced topics such as network tunneling and malware forensics.
Read more ›
1 Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
7 of 7 people found the following review helpful By Charles W. Hayes on December 23, 2012
Format: Hardcover Verified Purchase
Ok, this is a great scholarly text. If you've never used Wireshark or a Ethernet Tap then you will be in for a treat and a lot of tools you haven't ever used before. Otherwise, this work is like most College text, when the first few chapters are a "history of" and then it sort of goes to an explanation of the tools you need. I found several things I didn't know, and a few tips on actually hiding your traffic and obfuscating your internet mixed in the text. It's not Harry Potter, and sadly it didn't make me a wazard, but it's a great book for anyone interested in network forensics. For those who are hacker minded, this is basically a book of "this is how you can / will be caught" so, read it, know it, reverse it... and then see how much you can derive from your own traffic. The exercises seem to be aimed for a school / network which isn't really in existence, aka most of the "test" are more... ok, look at the traffic patterns in the book, and figure out what you are looking for, instead of go to your computers and run this simulation. Overall, I'd give this book a 4 out of 5 stars, because they teach you how to watch the traffic and dissect it, yet give very little information on how to obfuscate your tracks. Then again, if they taught you how to do that, they'd be out of a job. :D
1 Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
5 of 5 people found the following review helpful By John Gardener on June 15, 2013
Format: Hardcover
This is well-written, and easy to read. Good footnotes. It starts with foundational stuff, moves on to a very good discussion of traffic analysis, network devices and detailed logging, and advanced stuff including malware, and tunneling. Several useful case studies. Lots of stuff on packet analysis. Supplements at the authors' website are good. It is dense, but easy enough to read, even with a massive page count. It covers most of network forensics. You do want to be familiar with Wireshark.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
7 of 8 people found the following review helpful By Dr Anton Chuvakin on September 11, 2013
Format: Hardcover
So, I spent way too much time reading this book since it just didn't flow well for me.
The goods: examples, depth of content in some areas
The bads: no coverage of actual (narrowly defined) network forensics, dry style
Personally, I'd recommend this book to people who need to learn how to deal with packets and need lots of examples with explanations and workflows.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
2 of 2 people found the following review helpful By David Barcelou on March 9, 2014
Format: Kindle Edition Verified Purchase
There's lot's of material on "computer forensics" but until now this book there's been absolutely nothing on "network forensics".

This is the "Bible" if networks are important to your company's security or you need to know how to find the top talent in the field.

Not overly technical (some things may be better kept secret) but it will certainly have you thinking about things you may not have known were hidden within your networks. Should be on every networking professional's bookshelf!
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
4 of 5 people found the following review helpful By BBowman on April 4, 2013
Format: Hardcover Verified Purchase
This seems to be a decent book. I wish the author covered more on advanced topics, like Ch 16. I have to admit I was disappointed to see things like, "this is a switch" and "this is what a router does." If you don't know what a router is, you should probably be starting with a different book. While I can understand why authors include this type of information, to sell more books, I appreciate authors that can target their books to a specific and not as general audience. Just my .02.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 1 people found the following review helpful By A Reviewer on March 3, 2014
Format: Hardcover Verified Purchase
The authors drawing upon their vast experience in the industry and resolving many real word forensics problems have presented a very readable and useful treatise of the subject.

The book not only serves as introduction to various approaches for an otherwise intractable problem it also can function as a useful reference for a real world expert. Depending on the time a person has they can do deep dive on any topic using this book or browse all the topics to get a quick overview of the craft. The case studies are especially well done.

This is a must have book for anyone contemplating to play a role in the security and forensics area.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews


More About the Authors

Discover books, learn about writers, read author blogs, and more.

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Network Forensics: Tracking Hackers through Cyberspace
This item: Network Forensics: Tracking Hackers through Cyberspace
Price: $74.99 $54.20
Ships from and sold by Amazon.com