Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Learning Network Forensics

You're reading from Learning Network Forensics Identify and safeguard your network against both internal and external threats, hackers, and malware attacks

Product type Paperback

Published in Feb 2016

Publisher

ISBN-13 9781782174905

Length 274 pages

Edition 1st Edition

Tools

Wireshark

Concepts

Forensics

Author (1):

Datt

View More author details

Table of Contents (17) Chapters

Learning Network Forensics

Credits

About the Author

About the Reviewers

www.PacktPub.com

Preface

1. Becoming Network 007s FREE CHAPTER

2. Laying Hands on the Evidence

3. Capturing & Analyzing Data Packets

4. Going Wireless

5. Tracking an Intruder on the Network

6. Connecting the Dots – Event Logs

7. Proxies, Firewalls, and Routers

8. Smuggling Forbidden Protocols – Network Tunneling

9. Investigating Malware – Cyber Weapons of the Internet

10. Closing the Deal – Solving the Case

Index

Revisiting the TAARA investigation methodology

Let's do a quick review of the TAARA network forensics and incident response methodology.

As we learned in Chapter 1, Becoming Network 007s, TAARA stands for the following:

Trigger: This is the event that leads to an investigation.
Acquire: This is the process that is set in motion by the trigger; this is predefined as part of the incident response plan and involves identifying, acquiring, and collecting information and evidence relating to the incident. This includes getting information related to the triggers, reasons for suspecting an incident, and identifying and acquiring sources of evidence for subsequent analysis.
Analysis: All the evidence that is collected is now collated, correlated, and analyzed. The sequence of events is identified. The pertinent questions relating to whether the incident actually occurred or not; if it did, what exactly happened, how it happened, who was involved, what is the extent of the compromise, and so on are...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Authors (1)

Datt

Datt

Samir Datt has been dabbling with digital investigations since 1988, which was around the time he solved his first case with the help of an old PC and Lotus 123. He is the Founder CEO of Foundation Futuristic Technologies (P) Ltd, better known as ForensicsGuru.com. He is widely credited with evangelizing computer forensics in the Indian subcontinent and has personally trained thousands of law enforcement officers in the area. He has the distinction of starting the computer forensics industry in South Asia and setting up India's first computer forensic lab in the private sector. He is consulted by law enforcement agencies and private sector on various technology-related investigative issues. He has extensive experience in training thousands of investigators as well as examining a large number of digital sources of evidence in both private and government investigations.

See other products by Datt

Personalised recommendations for you

Based on your interests and search pattern

Cloud Security Handbook

Cloud Security Handbook

This book provides complete coverage of every cloud security aspect—from initial design to ongoing maintenance. Packed with best practices, it helps you smoothly transition to the public cloud, while keeping your environments secure and compliant.

Apr 2025 16h 4m

CompTIA CySA+ (CS0-003) Certification Guide

CompTIA CySA+ (CS0-003) Certification Guide

Prepare for CompTIA CySA+ (CS0-003) exam with this study guide—covering security ops, incident response, and vulnerability management in depth to level up your cybersecurity career. Includes exam-style questions, 2 practice tests, and flashcards.

Apr 2025 24h 44m

Cyber Security Kill Chain - Tactics and Strategies

Cyber Security Kill Chain - Tactics and Strategies

Learn how the cyber kill chain, a structured model that outlines the stages of a cyberattack, guides you through understanding threat actor behaviors and bolstering their ability to defend against evolving cyber threats.

May 2025 10h 16m