{"product_id":"the-network-security-test-lab-isbn-9781118987056","title":"The Network Security Test Lab","description":"\u003cb\u003eThe ultimate hands-on guide to IT security and proactive defense\u003c\/b\u003e  \u003cp\u003e\u003ci\u003eThe Network Security Test Lab\u003c\/i\u003e is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills.\u003c\/p\u003e \u003cp\u003eSecurity technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. 
\u003ci\u003eThe Network Security Test Lab\u003c\/i\u003e is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers.\u003c\/p\u003e \u003cul\u003e \u003cli\u003eGet acquainted with your hardware, gear, and test platform\u003c\/li\u003e \u003cli\u003eLearn how attackers penetrate existing security systems\u003c\/li\u003e \u003cli\u003eDetect malicious activity and build effective defenses\u003c\/li\u003e \u003cli\u003eInvestigate and analyze attacks to inform defense strategy\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003e\u003ci\u003eThe Network Security Test Lab\u003c\/i\u003e is your complete, essential guide.\u003c\/p\u003e \u003cp\u003eIntroduction xxi\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 Building a Hardware and Software Test Platform 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy Build a Lab? 2\u003c\/p\u003e \u003cp\u003eHardware Requirements 4\u003c\/p\u003e \u003cp\u003ePhysical Hardware 5\u003c\/p\u003e \u003cp\u003eEquipment You Already Have 6\u003c\/p\u003e \u003cp\u003eNew Equipment Purchases 7\u003c\/p\u003e \u003cp\u003eUsed Equipment Purchases 7\u003c\/p\u003e \u003cp\u003eOnline Auctions 8\u003c\/p\u003e \u003cp\u003eThrift Stores 9\u003c\/p\u003e \u003cp\u003eCompany Sales 10\u003c\/p\u003e \u003cp\u003eVirtual Hardware 10\u003c\/p\u003e \u003cp\u003eVMware 12\u003c\/p\u003e \u003cp\u003eVirtualBox 15\u003c\/p\u003e \u003cp\u003eHacker Hardware 16\u003c\/p\u003e \u003cp\u003eSoftware Requirements 18\u003c\/p\u003e \u003cp\u003eOperating Systems 19\u003c\/p\u003e \u003cp\u003eMicrosoft Windows 19\u003c\/p\u003e \u003cp\u003eLinux 20\u003c\/p\u003e \u003cp\u003eNavigating in Linux 23\u003c\/p\u003e \u003cp\u003eLinux Basics 25\u003c\/p\u003e \u003cp\u003eMac OS X 28\u003c\/p\u003e \u003cp\u003eSoftware and Applications 28\u003c\/p\u003e \u003cp\u003eLearning Applications 29\u003c\/p\u003e \u003cp\u003eHacking Software 31\u003c\/p\u003e \u003cp\u003eSummary 
32\u003c\/p\u003e \u003cp\u003eKey Terms 33\u003c\/p\u003e \u003cp\u003eExercises 34\u003c\/p\u003e \u003cp\u003eEquipment Checklist 34\u003c\/p\u003e \u003cp\u003eInstalling VMware Workstation 35\u003c\/p\u003e \u003cp\u003eExploring Linux Operating System Options 35\u003c\/p\u003e \u003cp\u003eUsing VMware to Build a Windows Image 35\u003c\/p\u003e \u003cp\u003eUsing VMware Converter to Create a Virtual Machine 36\u003c\/p\u003e \u003cp\u003eExploring Other Operating System Options 37\u003c\/p\u003e \u003cp\u003eRunning Kali from VMware 37\u003c\/p\u003e \u003cp\u003eInstalling Tools on Your Windows Virtual Machine 38\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 Passive Information Gathering 39\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eStarting at the Source 40\u003c\/p\u003e \u003cp\u003eScrutinizing Key Employees 43\u003c\/p\u003e \u003cp\u003eDumpster Diving (Electronic) 45\u003c\/p\u003e \u003cp\u003eAnalyzing Web Page Coding 48\u003c\/p\u003e \u003cp\u003eExploiting Website Authentication Methods 51\u003c\/p\u003e \u003cp\u003eMining Job Ads and Analyzing Financial Data 53\u003c\/p\u003e \u003cp\u003eUsing Google to Mine Sensitive Information 56\u003c\/p\u003e \u003cp\u003eExploring Domain Ownership 57\u003c\/p\u003e \u003cp\u003eWhois 59\u003c\/p\u003e \u003cp\u003eRegional Internet Registries 61\u003c\/p\u003e \u003cp\u003eDomain Name System 63\u003c\/p\u003e \u003cp\u003eIdentifying Web Server Software 66\u003c\/p\u003e \u003cp\u003eWeb Server Location 69\u003c\/p\u003e \u003cp\u003eSummary 70\u003c\/p\u003e \u003cp\u003eKey Terms 70\u003c\/p\u003e \u003cp\u003eExercises 72\u003c\/p\u003e \u003cp\u003eIP Address and Domain Identification 72\u003c\/p\u003e \u003cp\u003eInformation Gathering 72\u003c\/p\u003e \u003cp\u003eGoogle Hacking 74\u003c\/p\u003e \u003cp\u003eBanner Grabbing 74\u003c\/p\u003e \u003cp\u003eTelnet 75\u003c\/p\u003e \u003cp\u003eNetcat 75\u003c\/p\u003e \u003cp\u003eVisualRoute 76\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 
3 Analyzing Network Traffic 77\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy Packet Analysis Is Important 77\u003c\/p\u003e \u003cp\u003eHow to Capture Network Traffic 78\u003c\/p\u003e \u003cp\u003ePromiscuous Mode 78\u003c\/p\u003e \u003cp\u003eHubs and Switches 79\u003c\/p\u003e \u003cp\u003eHubbing Out and Using Taps 79\u003c\/p\u003e \u003cp\u003eSwitches 79\u003c\/p\u003e \u003cp\u003eCapturing Network Traffic 82\u003c\/p\u003e \u003cp\u003eManaged and Unmanaged Switches 83\u003c\/p\u003e \u003cp\u003eARP Cache Poisoning 85\u003c\/p\u003e \u003cp\u003eFlooding 91\u003c\/p\u003e \u003cp\u003eDHCP Redirection 92\u003c\/p\u003e \u003cp\u003eRedirection and Interception with ICMP 94\u003c\/p\u003e \u003cp\u003ePreventing Packet Capture 94\u003c\/p\u003e \u003cp\u003eDynamic Address Inspection 95\u003c\/p\u003e \u003cp\u003eDHCP Snooping 95\u003c\/p\u003e \u003cp\u003ePreventing VLAN Hopping 96\u003c\/p\u003e \u003cp\u003eDetecting Packet Capture 97\u003c\/p\u003e \u003cp\u003eWireshark 99\u003c\/p\u003e \u003cp\u003eWireshark Basics 99\u003c\/p\u003e \u003cp\u003eFiltering and Decoding Traffic 102\u003c\/p\u003e \u003cp\u003eBasic Data Capture—A Layer-by-Layer Review 108\u003c\/p\u003e \u003cp\u003ePhysical—Data-Link Layer 108\u003c\/p\u003e \u003cp\u003eNetwork-Internet Layer 110\u003c\/p\u003e \u003cp\u003eTransport—Host-Host Layer 111\u003c\/p\u003e \u003cp\u003eApplication Layer 115\u003c\/p\u003e \u003cp\u003eOther Network Analysis Tools 115\u003c\/p\u003e \u003cp\u003eSummary 118\u003c\/p\u003e \u003cp\u003eKey Terms 118\u003c\/p\u003e \u003cp\u003eExercises 119\u003c\/p\u003e \u003cp\u003eFun with Packets 119\u003c\/p\u003e \u003cp\u003ePacket Analysis with tcpdump 120\u003c\/p\u003e \u003cp\u003ePacket Filters 121\u003c\/p\u003e \u003cp\u003eMaking a One-Way Data Cable 122\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Detecting Live Systems and Analyzing Results 125\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eTCP\/IP Basics 125\u003c\/p\u003e 
\u003cp\u003eThe Network Access Layer 127\u003c\/p\u003e \u003cp\u003eThe Internet Layer 128\u003c\/p\u003e \u003cp\u003eThe Host-to-Host Layer 132\u003c\/p\u003e \u003cp\u003eTransmission Control Protocol 132\u003c\/p\u003e \u003cp\u003eUser Datagram Protocol 134\u003c\/p\u003e \u003cp\u003eThe Application Layer 134\u003c\/p\u003e \u003cp\u003eDetecting Live Systems with ICMP 138\u003c\/p\u003e \u003cp\u003eICMP—Ping 138\u003c\/p\u003e \u003cp\u003eTraceroute 142\u003c\/p\u003e \u003cp\u003ePort Scanning 147\u003c\/p\u003e \u003cp\u003eTCP and UDP Port Scanning 147\u003c\/p\u003e \u003cp\u003eAdvanced Port-Scanning Techniques 151\u003c\/p\u003e \u003cp\u003eIdle Scan 151\u003c\/p\u003e \u003cp\u003eAnalyzing Port Scans 155\u003c\/p\u003e \u003cp\u003ePort-Scanning Tools 156\u003c\/p\u003e \u003cp\u003eNmap 157\u003c\/p\u003e \u003cp\u003eSuperScan 160\u003c\/p\u003e \u003cp\u003eOther Scanning Tools 161\u003c\/p\u003e \u003cp\u003eOS Fingerprinting 161\u003c\/p\u003e \u003cp\u003ePassive Fingerprinting 162\u003c\/p\u003e \u003cp\u003eActive Fingerprinting 164\u003c\/p\u003e \u003cp\u003eHow Nmap OS Fingerprinting Works 165\u003c\/p\u003e \u003cp\u003eScanning Countermeasures 167\u003c\/p\u003e \u003cp\u003eSummary 171\u003c\/p\u003e \u003cp\u003eKey Terms 171\u003c\/p\u003e \u003cp\u003eExercises 172\u003c\/p\u003e \u003cp\u003eUnderstanding Wireshark 172\u003c\/p\u003e \u003cp\u003eInterpreting TCP Flags 174\u003c\/p\u003e \u003cp\u003ePerforming an ICMP Packet Decode 175\u003c\/p\u003e \u003cp\u003ePort Scanning with Nmap 176\u003c\/p\u003e \u003cp\u003eTraceroute 177\u003c\/p\u003e \u003cp\u003eAn Analysis of a Port Scan 178\u003c\/p\u003e \u003cp\u003eOS Fingerprinting 179\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 Enumerating Systems 181\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEnumeration 181\u003c\/p\u003e \u003cp\u003eRouter and Firewall Enumeration 182\u003c\/p\u003e \u003cp\u003eRouter Enumeration 182\u003c\/p\u003e \u003cp\u003eFirewall 
Enumeration 187\u003c\/p\u003e \u003cp\u003eRouter and Firewall Enumeration Countermeasures 191\u003c\/p\u003e \u003cp\u003eWindows Enumeration 191\u003c\/p\u003e \u003cp\u003eServer Message Block and Interprocess Communication 194\u003c\/p\u003e \u003cp\u003eEnumeration and the IPC$ Share 195\u003c\/p\u003e \u003cp\u003eWindows Enumeration Countermeasures 195\u003c\/p\u003e \u003cp\u003eLinux\/Unix Enumeration 196\u003c\/p\u003e \u003cp\u003eEnumeration of Application Layer Protocols 197\u003c\/p\u003e \u003cp\u003eSimple Network Management Protocol 197\u003c\/p\u003e \u003cp\u003eSNMP Enumeration Countermeasures 200\u003c\/p\u003e \u003cp\u003eEnumeration of Other Applications 200\u003c\/p\u003e \u003cp\u003eAdvanced Enumeration 202\u003c\/p\u003e \u003cp\u003eSCADA Systems 202\u003c\/p\u003e \u003cp\u003eUser Agent Strings 210\u003c\/p\u003e \u003cp\u003eMapping the Attack Surface 213\u003c\/p\u003e \u003cp\u003ePassword Speculation and Cracking 213\u003c\/p\u003e \u003cp\u003eSniffing Password Hashes 216\u003c\/p\u003e \u003cp\u003eExploiting a Vulnerability 218\u003c\/p\u003e \u003cp\u003eProtecting Passwords 221\u003c\/p\u003e \u003cp\u003eSummary 221\u003c\/p\u003e \u003cp\u003eKey Terms 222\u003c\/p\u003e \u003cp\u003eExercises 223\u003c\/p\u003e \u003cp\u003eSNMP Enumeration 223\u003c\/p\u003e \u003cp\u003eEnumerating Routing Protocols 225\u003c\/p\u003e \u003cp\u003eEnumeration with DumpSec 227\u003c\/p\u003e \u003cp\u003eIdentifying User Agent Strings 227\u003c\/p\u003e \u003cp\u003eBrowser Enumeration 229\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Automating Encryption and Tunneling Techniques 231\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEncryption 232\u003c\/p\u003e \u003cp\u003eSecret Key Encryption 233\u003c\/p\u003e \u003cp\u003eData Encryption Standard 235\u003c\/p\u003e \u003cp\u003eTriple DES 236\u003c\/p\u003e \u003cp\u003eAdvanced Encryption Standard 237\u003c\/p\u003e \u003cp\u003eOne‐Way Functions (Hashes) 237\u003c\/p\u003e 
\u003cp\u003eMD Series 238\u003c\/p\u003e \u003cp\u003eSHA 238\u003c\/p\u003e \u003cp\u003ePublic Key Encryption 238\u003c\/p\u003e \u003cp\u003eRSA 239\u003c\/p\u003e \u003cp\u003eDiffie‐Hellman 239\u003c\/p\u003e \u003cp\u003eEl Gamal 240\u003c\/p\u003e \u003cp\u003eElliptic Curve Cryptography 240\u003c\/p\u003e \u003cp\u003eHybrid Cryptosystems 241\u003c\/p\u003e \u003cp\u003ePublic Key Authentication 241\u003c\/p\u003e \u003cp\u003ePublic Key Infrastructure 242\u003c\/p\u003e \u003cp\u003eCertificate Authority 242\u003c\/p\u003e \u003cp\u003eRegistration Authority 242\u003c\/p\u003e \u003cp\u003eCertificate Revocation List 243\u003c\/p\u003e \u003cp\u003eDigital Certificates 243\u003c\/p\u003e \u003cp\u003eCertificate Distribution System 244\u003c\/p\u003e \u003cp\u003eEncryption Role in Authentication 244\u003c\/p\u003e \u003cp\u003ePassword Authentication 245\u003c\/p\u003e \u003cp\u003ePassword Hashing 246\u003c\/p\u003e \u003cp\u003eChallenge‐Response 249\u003c\/p\u003e \u003cp\u003eSession Authentication 250\u003c\/p\u003e \u003cp\u003eSession Cookies 250\u003c\/p\u003e \u003cp\u003eBasic Authentication 251\u003c\/p\u003e \u003cp\u003eCertificate‐Based Authentication 251\u003c\/p\u003e \u003cp\u003eTunneling Techniques to Obscure Traffic 252\u003c\/p\u003e \u003cp\u003eInternet Layer Tunneling 252\u003c\/p\u003e \u003cp\u003eTransport Layer Tunneling 254\u003c\/p\u003e \u003cp\u003eApplication Layer Tunneling 256\u003c\/p\u003e \u003cp\u003eAttacking Encryption and Authentication 259\u003c\/p\u003e \u003cp\u003eExtracting Passwords 259\u003c\/p\u003e \u003cp\u003ePassword Cracking 260\u003c\/p\u003e \u003cp\u003eDictionary Attack 261\u003c\/p\u003e \u003cp\u003eBrute‐Force Attack 261\u003c\/p\u003e \u003cp\u003eRainbow Table 263\u003c\/p\u003e \u003cp\u003eOther Cryptographic Attacks 263\u003c\/p\u003e \u003cp\u003eSummary 264\u003c\/p\u003e \u003cp\u003eKey Terms 264\u003c\/p\u003e \u003cp\u003eExercises 266\u003c\/p\u003e \u003cp\u003eCrypTool 
266\u003c\/p\u003e \u003cp\u003eExtract an E‐mail Username and Password 268\u003c\/p\u003e \u003cp\u003eRainbowCrack 268\u003c\/p\u003e \u003cp\u003eJohn the Ripper 270\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 Automated Attack and Penetration Tools 273\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy Attack and Penetration Tools Are Important 274\u003c\/p\u003e \u003cp\u003eVulnerability Assessment Tools 274\u003c\/p\u003e \u003cp\u003eSource Code Assessment Tools 275\u003c\/p\u003e \u003cp\u003eApplication Assessment Tools 276\u003c\/p\u003e \u003cp\u003eSystem Assessment Tools 276\u003c\/p\u003e \u003cp\u003eAttributes of a Good System Assessment Tool 278\u003c\/p\u003e \u003cp\u003eNessus 279\u003c\/p\u003e \u003cp\u003eAutomated Exploit Tools 286\u003c\/p\u003e \u003cp\u003eMetasploit 286\u003c\/p\u003e \u003cp\u003eArmitage 287\u003c\/p\u003e \u003cp\u003eMetasploit Console 288\u003c\/p\u003e \u003cp\u003eMetasploit Command‐Line Interface 289\u003c\/p\u003e \u003cp\u003eUpdating Metasploit 290\u003c\/p\u003e \u003cp\u003eBeEF 290\u003c\/p\u003e \u003cp\u003eCore Impact 291\u003c\/p\u003e \u003cp\u003eCanvas 292\u003c\/p\u003e \u003cp\u003eDetermining Which Tools to Use 292\u003c\/p\u003e \u003cp\u003ePicking the Right Platform 292\u003c\/p\u003e \u003cp\u003eSummary 293\u003c\/p\u003e \u003cp\u003eKey Terms 294\u003c\/p\u003e \u003cp\u003eExercises 294\u003c\/p\u003e \u003cp\u003eExploring N‐Stalker, a Vulnerability Assessment Tool 294\u003c\/p\u003e \u003cp\u003eExploring Searchsploit on Kali Linux 295\u003c\/p\u003e \u003cp\u003eMetasploit Kali 296\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8 Securing Wireless Systems 299\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWi-Fi Basics 300\u003c\/p\u003e \u003cp\u003eWireless Clients and NICs 301\u003c\/p\u003e \u003cp\u003eWireless Access Points 302\u003c\/p\u003e \u003cp\u003eWireless Communication Standards 302\u003c\/p\u003e \u003cp\u003eBluetooth Basics 304\u003c\/p\u003e \u003cp\u003eWi-Fi 
Security 305\u003c\/p\u003e \u003cp\u003eWired Equivalent Privacy 305\u003c\/p\u003e \u003cp\u003eWi-Fi Protected Access 307\u003c\/p\u003e \u003cp\u003e802.1x Authentication 309\u003c\/p\u003e \u003cp\u003eWireless LAN Threats 310\u003c\/p\u003e \u003cp\u003eWardriving 310\u003c\/p\u003e \u003cp\u003eNetStumbler 312\u003c\/p\u003e \u003cp\u003eKismet 314\u003c\/p\u003e \u003cp\u003eEavesdropping 314\u003c\/p\u003e \u003cp\u003eRogue and Unauthorized Access Points 318\u003c\/p\u003e \u003cp\u003eDenial of Service 319\u003c\/p\u003e \u003cp\u003eExploiting Wireless Networks 320\u003c\/p\u003e \u003cp\u003eFinding and Assessing the Network 320\u003c\/p\u003e \u003cp\u003eSetting Up Airodump 321\u003c\/p\u003e \u003cp\u003eConfiguring Aireplay 321\u003c\/p\u003e \u003cp\u003eDeauthentication and ARP Injection 322\u003c\/p\u003e \u003cp\u003eCapturing IVs and Cracking the WEP KEY 322\u003c\/p\u003e \u003cp\u003eOther Wireless Attack Tools 323\u003c\/p\u003e \u003cp\u003eExploiting Bluetooth 324\u003c\/p\u003e \u003cp\u003eSecuring Wireless Networks 324\u003c\/p\u003e \u003cp\u003eDefense in Depth 325\u003c\/p\u003e \u003cp\u003eMisuse Detection 326\u003c\/p\u003e \u003cp\u003eSummary 326\u003c\/p\u003e \u003cp\u003eKey Terms 327\u003c\/p\u003e \u003cp\u003eExercises 328\u003c\/p\u003e \u003cp\u003eUsing NetStumbler 328\u003c\/p\u003e \u003cp\u003eUsing Wireshark to Capture Wireless Traffic 329\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 An Introduction to Malware 331\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHistory of Malware 331\u003c\/p\u003e \u003cp\u003eTypes of Malware 334\u003c\/p\u003e \u003cp\u003eViruses 334\u003c\/p\u003e \u003cp\u003eWorms 337\u003c\/p\u003e \u003cp\u003eLogic Bombs 338\u003c\/p\u003e \u003cp\u003eBackdoors and Trojans 338\u003c\/p\u003e \u003cp\u003ePackers, Crypters, and Wrappers 340\u003c\/p\u003e \u003cp\u003eRootkits 343\u003c\/p\u003e \u003cp\u003eCrimeware Kits 345\u003c\/p\u003e \u003cp\u003eBotnets 347\u003c\/p\u003e 
\u003cp\u003eAdvanced Persistent Threats 350\u003c\/p\u003e \u003cp\u003eSpyware and Adware 350\u003c\/p\u003e \u003cp\u003eCommon Attack Vectors 351\u003c\/p\u003e \u003cp\u003eSocial Engineering 351\u003c\/p\u003e \u003cp\u003eFaking It! 352\u003c\/p\u003e \u003cp\u003ePretending through Email 352\u003c\/p\u003e \u003cp\u003eDefenses against Malware 353\u003c\/p\u003e \u003cp\u003eAntivirus 353\u003c\/p\u003e \u003cp\u003eFile Integrity Verification 355\u003c\/p\u003e \u003cp\u003eUser Education 355\u003c\/p\u003e \u003cp\u003eSummary 356\u003c\/p\u003e \u003cp\u003eKey Terms 356\u003c\/p\u003e \u003cp\u003eExercises 357\u003c\/p\u003e \u003cp\u003eVirus Signatures 357\u003c\/p\u003e \u003cp\u003eBuilding Trojans 358\u003c\/p\u003e \u003cp\u003eRootkits 358\u003c\/p\u003e \u003cp\u003eFinding Malware 362\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10 Detecting Intrusions and Analyzing Malware 365\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAn Overview of Intrusion Detection 365\u003c\/p\u003e \u003cp\u003eIDS Types and Components 367\u003c\/p\u003e \u003cp\u003eIDS Engines 368\u003c\/p\u003e \u003cp\u003eAn Overview of Snort 370\u003c\/p\u003e \u003cp\u003ePlatform Compatibility 371\u003c\/p\u003e \u003cp\u003eLimiting Access to the IDS 371\u003c\/p\u003e \u003cp\u003eVerification of Configuration 372\u003c\/p\u003e \u003cp\u003eBuilding Snort Rules 373\u003c\/p\u003e \u003cp\u003eThe Rule Header 374\u003c\/p\u003e \u003cp\u003eLogging with Snort 375\u003c\/p\u003e \u003cp\u003eRule Options 376\u003c\/p\u003e \u003cp\u003eAdvanced Snort: Detecting Buffer Overflows 377\u003c\/p\u003e \u003cp\u003eResponding to Attacks and Intrusions 379\u003c\/p\u003e \u003cp\u003eAnalyzing Malware 381\u003c\/p\u003e \u003cp\u003eTracking Malware to Its Source 382\u003c\/p\u003e \u003cp\u003eIdentifying Domains and Malicious Sites 382\u003c\/p\u003e \u003cp\u003eBuilding a Testbed 386\u003c\/p\u003e \u003cp\u003eVirtual and Physical Targets 386\u003c\/p\u003e 
\u003cp\u003eOperating Systems 387\u003c\/p\u003e \u003cp\u003eNetwork Isolation 387\u003c\/p\u003e \u003cp\u003eTestbed Tools 388\u003c\/p\u003e \u003cp\u003eMalware Analysis Techniques 390\u003c\/p\u003e \u003cp\u003eStatic Analysis 390\u003c\/p\u003e \u003cp\u003eDynamic Analysis 394\u003c\/p\u003e \u003cp\u003eSummary 397\u003c\/p\u003e \u003cp\u003eKey Terms 397\u003c\/p\u003e \u003cp\u003eExercises 398\u003c\/p\u003e \u003cp\u003eBuilding a Snort Windows System 398\u003c\/p\u003e \u003cp\u003eAnalyzing Malware Communication 400\u003c\/p\u003e \u003cp\u003eAnalyzing Malware with VirusTotal 401\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11 Forensic Detection 403\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eComputer Forensics 404\u003c\/p\u003e \u003cp\u003eAcquisition 405\u003c\/p\u003e \u003cp\u003eDrive Removal and Hashing 407\u003c\/p\u003e \u003cp\u003eDrive-Wiping 409\u003c\/p\u003e \u003cp\u003eLogical and Physical Copies 410\u003c\/p\u003e \u003cp\u003eLogical Copies 411\u003c\/p\u003e \u003cp\u003ePhysical Copies 411\u003c\/p\u003e \u003cp\u003eImaging the Drive 412\u003c\/p\u003e \u003cp\u003eAuthentication 413\u003c\/p\u003e \u003cp\u003eTrace-Evidence Analysis 416\u003c\/p\u003e \u003cp\u003eBrowser Cache 418\u003c\/p\u003e \u003cp\u003eEmail Evidence 419\u003c\/p\u003e \u003cp\u003eDeleted or Overwritten Files and Evidence 421\u003c\/p\u003e \u003cp\u003eOther Trace Evidence 422\u003c\/p\u003e \u003cp\u003eHiding Techniques 422\u003c\/p\u003e \u003cp\u003eCommon File-Hiding Techniques 423\u003c\/p\u003e \u003cp\u003eAdvanced File-Hiding Techniques 425\u003c\/p\u003e \u003cp\u003eSteganography 426\u003c\/p\u003e \u003cp\u003eDetecting Steganographic Tools 429\u003c\/p\u003e \u003cp\u003eAntiforensics 430\u003c\/p\u003e \u003cp\u003eSummary 431\u003c\/p\u003e \u003cp\u003eKey Terms 431\u003c\/p\u003e \u003cp\u003eExercises 432\u003c\/p\u003e \u003cp\u003eDetecting Hidden Files 432\u003c\/p\u003e \u003cp\u003eBasic File-Hiding 432\u003c\/p\u003e 
\u003cp\u003eAdvanced File-Hiding 433\u003c\/p\u003e \u003cp\u003eReading Email Headers 433\u003c\/p\u003e \u003cp\u003eUse S-Tools to Embed and Encrypt a Message 435\u003c\/p\u003e \u003cp\u003eIndex 439\u003c\/p\u003e   \u003cp\u003e\u003cb\u003eMICHAEL GREGG\u003c\/b\u003e is CEO of Superior Solutions. He is the author of twenty security books, including Security+ Street Smarts, and a regular contributor to Huffington Post, SearchNetworking.com, and other periodicals. During his twenty years working in security, networking, and Internet technology, he has testified before U.S. Congress and has developed a variety of learning tools for colleges and training organizations.      \u003c\/p\u003e\u003cp\u003e\u003cb\u003eA practitioner's guide to achieving critical network security\u003c\/b\u003e  \u003c\/p\u003e\u003cp\u003e\u003ci\u003eThe Network Security Test Lab\u003c\/i\u003e sets you up for success defending your company's network against a full complement of today's most-damaging malware, viruses, and other attack technologies. Written to be a practitioner's tool, this convenient resource will show you how to dissect network packets and gives you reliable strategies for defending against a variety of threats, including network attacks, crimeware, malware, and the most-prevalent malicious traffic, and trains you on the software used by the top experts in the field to implement your unique plan, including Wireshark, Networkminer, Nmap, Metasploit, and more.  \u003c\/p\u003e\u003cp\u003eStep-by-step instruction begins with explaining how to accurately assess your network's security and establish processes to test penetration. Keep your security strong by setting up your own security-testing lab inside where you can simulate attacks in isolation to observe how systems are targeted and to customize better defenses to stop them.  
\u003c\/p\u003e\u003cp\u003e\u003cb\u003e\u003ci\u003eThis complete guide is your introduction to mastering:\u003c\/i\u003e\u003c\/b\u003e  \u003c\/p\u003e\u003cul\u003e \u003cli\u003eThe best hardware and gear to develop your own test platform\u003c\/li\u003e \u003cli\u003eAll the ways attackers penetrate vulnerable security systems\u003c\/li\u003e \u003cli\u003eDetection of malicious activity and effective defense responses\u003c\/li\u003e \u003cli\u003eDefense-strategy authoring based on investigation and analysis\u003c\/li\u003e \u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47990293889253,"sku":"NP9781118987056","price":50.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781118987056.jpg?v=1761787238","url":"https:\/\/k12savings.com\/es\/products\/the-network-security-test-lab-isbn-9781118987056","provider":"K12savings","version":"1.0","type":"link"}