Network Forensics: Tracking Hackers through Cyberspace 1st Edition

4.4 out of 5 stars 27 customer reviews
ISBN-13: 978-0132564717
ISBN-10: 0132564718

Editorial Reviews

About the Author

Sherri Davidoff is a founder of LMG Security, an information security consulting and research firm. Her specialties include network penetration testing, digital forensics, social engineering testing, and web application assessments. She holds her S.B. in Computer Science and Electrical Engineering from MIT.

 

Jonathan Ham has been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than two thousand feet underground, taught intrusion analysis to the NSA, and chartered and trained the CIRT for one of the largest U.S. civilian federal agencies. He is a founder of LMG Security. His favorite field is ip[6:2].


Product Details

  • Hardcover: 576 pages
  • Publisher: Prentice Hall; 1 edition (June 23, 2012)
  • Language: English
  • ISBN-10: 0132564718
  • ISBN-13: 978-0132564717
  • Product Dimensions: 7 x 1.3 x 9.1 inches
  • Shipping Weight: 2.3 pounds
  • Average Customer Review: 4.4 out of 5 stars (27 customer reviews)
  • Amazon Best Sellers Rank: #291,024 in Books

Customer Reviews

Top Customer Reviews

Format: Hardcover
With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel. But by page 25, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the space.

Authors Jonathan Ham and Sherri Davidoff are both SANS Institute instructors, and bring significant real-world experience to every chapter. Martin McKeay has an interview (albeit dated) with the authors on his web site here about their SANS course on network forensics.

In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.

While the book Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet provides a comprehensive overview of the topic, Network Forensics: Tracking Hackers through Cyberspace focuses at the packet level.

Part 2, which is about a third of the book, is spent on traffic analysis, with all-embracing coverage of concepts and topics such as statistical flow analysis, wireless traffic capture and analysis, NIDS detection and analysis, packet logging and more.

Readers should be very comfortable with Wireshark packet capture output, which the book extensively references. Those not quite comfortable with packet capture analysis will likely find this book way over their head.

Part 3 focuses on network devices and logging for all types of network devices. Detailed logging aspects for switches, routers and firewalls are dealt with.

The last 2 chapters deal with advanced topics such as network tunneling and malware forensics.
Format: Hardcover Verified Purchase
Ok, this is a great scholarly text. If you've never used Wireshark or an Ethernet tap then you will be in for a treat and a lot of tools you haven't ever used before. Otherwise, this work is like most college texts, when the first few chapters are a "history of" and then it sort of goes to an explanation of the tools you need. I found several things I didn't know, and a few tips on actually hiding your traffic and obfuscating your internet mixed in the text. It's not Harry Potter, and sadly it didn't make me a wizard, but it's a great book for anyone interested in network forensics. For those who are hacker minded, this is basically a book of "this is how you can / will be caught" so, read it, know it, reverse it... and then see how much you can derive from your own traffic. The exercises seem to be aimed for a school / network which isn't really in existence, aka most of the "tests" are more... ok, look at the traffic patterns in the book, and figure out what you are looking for, instead of go to your computers and run this simulation. Overall, I'd give this book a 4 out of 5 stars, because they teach you how to watch the traffic and dissect it, yet give very little information on how to obfuscate your tracks. Then again, if they taught you how to do that, they'd be out of a job. :D
Format: Hardcover
This is well-written, and easy to read. Good footnotes. It starts with foundational stuff, moves on to a very good discussion of traffic analysis, network devices and detailed logging, and advanced stuff including malware, and tunneling. Several useful case studies. Lots of stuff on packet analysis. Supplements at the authors' website are good. It is dense, but easy enough to read, even with a massive page count. It covers most of network forensics. You do want to be familiar with Wireshark.
Format: Hardcover
Any book, child story or technical manual that has a foreword written by Dr. Daniel Geer is going to be amazing. Not that I recommend Dr. Geer start writing children’s literature, it’s just he is an incredible mind for his time. That was the first thing that caught my attention about the book. I am quite excited about the book because it isn’t your typical forensic book. This masterpiece goes well beyond anything I’ve read in a long time.
Warning: Network Forensics is not for entry level readers or even intermediate. This is hardcore PhD level material.

I was surprised that the book cover says “Tracking Hackers Through Cyberspace.” First off, there isn’t anything wrong with being a hacker. There is something wrong with conducting criminal activity and those are two completely different things. If the book would have posted “Tracking Criminals Through Cyberspace”, I might have only cringed a little bit. My second gripe is about the word “Cyber.” Come on folks, it is “digital” not “cyber.” I’m sure the authors didn’t do this; it was probably the editor’s fault. They have to sell books with sexy names so I don’t directly blame the writers.

The entire book is an in-depth technical manual and how-to guide for network forensics. The difference between regular digital forensics and network forensics is that evidence is much harder to locate and more volatile across a network than data storage devices. Husband and wife team Sherri and Jonathan dive deep, deep into hidden corners of switches and hubs to show you where evidence resides. The text is clearly written and done so in a straightforward manner. The content is tough though. Don’t expect an easy read.

You will need a sharp mind to completely understand the importance of this material, as it’s presented.
