Verfügbarkeit: Network forensics

Network forensics: tracking hackers through cyberspace

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Davidoff, Sherri (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Upper Saddle River, NJ [u.a.] Prentice Hall 2012
Schlagworte:	Computer crimes > Investigation Computer hackers Forensic sciences Computer crimes > Investigation > Case studies Computerforensik Internet Fallstudiensammlung
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	XXVII, 545 S. Ill., graph. Darst.
ISBN:	9780132564717 0132564718

Internformat

MARC


LEADER	00000nam a2200000zc 4500
001	BV040287134
003	DE-604
005	20121213
007	t
008	120702s2012 xxuad\|\| \|\|\|\| 00\|\|\| eng d
010			\|a 2012014889
020			\|a 9780132564717 \|c hbk. \|9 978-0-13-256471-7
020			\|a 0132564718 \|c hardcover : alk. paper \|9 0-13-256471-8
035			\|a (OCoLC)802533569
035			\|a (DE-599)BVBBV040287134
040			\|a DE-604 \|b ger \|e aacr
041	0		\|a eng
044			\|a xxu \|c US
049			\|a DE-739 \|a DE-91G \|a DE-706 \|a DE-Aug4
050		0	\|a HV8079.C65
082	0		\|a 363.25/968
084			\|a ST 277 \|0 (DE-625)143643: \|2 rvk
084			\|a DAT 461f \|2 stub
084			\|a DAT 055f \|2 stub
100	1		\|a Davidoff, Sherri \|e Verfasser \|4 aut
245	1	0	\|a Network forensics \|b tracking hackers through cyberspace \|c Sherri Davidoff ; Jonathan Ham
264		1	\|a Upper Saddle River, NJ [u.a.] \|b Prentice Hall \|c 2012
300			\|a XXVII, 545 S. \|b Ill., graph. Darst.
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650		4	\|a Computer crimes \|x Investigation
650		4	\|a Computer hackers
650		4	\|a Forensic sciences
650		4	\|a Computer crimes \|x Investigation \|v Case studies
650	0	7	\|a Computerforensik \|0 (DE-588)4774034-6 \|2 gnd \|9 rswk-swf
650	0	7	\|a Internet \|0 (DE-588)4308416-3 \|2 gnd \|9 rswk-swf
655		7	\|0 (DE-588)4522595-3 \|a Fallstudiensammlung \|2 gnd-content
689	0	0	\|a Computerforensik \|0 (DE-588)4774034-6 \|D s
689	0	1	\|a Internet \|0 (DE-588)4308416-3 \|D s
689	0		\|5 DE-604
700	1		\|a Ham, Jonathan \|e Sonstige \|4 oth
856	4	2	\|m Digitalisierung UB Passau \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025142392&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-025142392

Datensatz im Suchindex

_version_	1804149299015057408
adam_text	Contents Preface 0.1 The Changing Landscape 0.2 Organization 0.2.1 Part 1, Foundation 0.2.2 Part II, Traffic Analysis 0.2.3 Part III, Network Devices and Servers 0.2.4 Part IV, Advanced Topics 0.3 Tools 0.4 Case Studies 0.5 Errata О.б Final Notes Foreword xvii xix xix xxi xxi xxii xxii xxiii xxiii xxiii xxiv xxiv Acknowledgments xxv About the Authors xxvii Part I Foundation 1 Chapter 1 Practical Investigative Strategies 3 1.1 Rea I-World Cases 3 1.1.1 Hospital Laptop Goes Missing 4 1.1.2 Catching a Corporate Pirate 6 1.1.3 Hacked Government Server 7 1.2 Footprints 8 1.3 Concepts in Digital Evidence 9 1.3.1 Real Evidence 10 1.3.2 Best Evidence 11 1.3.3 Direct Evidence 12 1.3.4 Circumstantial Evidence 12 1.3.5 Hearsay 13 1.3.6 Business Records 14 1.3.7 Digital Evidence 15 1.3.8 Network-Based Digital Evidence 15 vii 1.4 Challenges Relating to Network Evidence 1.5 Network Forensics Investigative Methodology (OSCAR) 1.5.1 Obtain Information 1.5.2 Strategize 1.5.3 Collect Evidence 1.5.4 Analyze 1.5.5 Report 1.6 Conclusion 16 17 17 18 19 20 21 22 Chapter 2 Technical Fundamentals 23 2.1 Sources of Network-Based Evidence 23 2.1.1 On the Wire 24 2.1.2 In the Air 24 2.1.3 Switches 25 2.1.4 Routers 25 2.1.5 DHCP Servers 26 2.1.6 Name Servers 26 2.1.7 Authentication Servers 27 2.1.8 Network Intrusion Detection/Prevention Systems 27 2.1.9 Firewalls 27 2.1.10 Web Proxies 28 2.1.11 Application Servers 29 2.1.12 Central Log Servers 29 2.2 Principles of Internetworking 30 2.2.1 Protocols 30 2.2.2 Open Systems Interconnection Model 31 2.2.3 Example: Around the World ... and Back 33 2.3 Internet Protocol Suite 35 2.3.1 Early History and Development of the Internet Protocol Suite 36 2.3.2 Internet Protocol 37 2.3.3 Transmission Control Protocol 41 2.3.4 User Datagram Protocol 43 2.4 Conclusion 44 Chapter 3 Evidence Acquisition 45 3.1 Physical Interception 46 3.1.1 Cables 46 3.1.2 Radio Frequency 50 3.1.3 Hubs 51 3.1.4 Switches 52 3.2 Traffic Acquisition Software 54 3.2.1 libpcap and WinPcap 55 3.2.2 The Berkeley Packet Filter (BPF) Language 55 3.2.3 tcpdump 59 3.2.4 Wireshark 64 3.2.5 tshark 64 3.2.6 dumpcap 64 3.3 Active Acquisition 65 3.3.1 Common Interfaces 66 3.3.2 Inspection Without Access 70 3.3.3 Strategy 71 3.4 Conclusion 72 Part II Traffic Analysis 73 Chapter 4 Packet Analysis 75 4.1 Protocol Analysis 76 4.1.1 Where to Get Information on Protocols 76 4.1.2 Protocol Analysis Tools 79 4.1.3 Protocol Analysis Techniques 82 4.2 Packet Analysis 95 4.2.1 Packet Analysis Tools 96 4.2.2 Packet Analysis Techniques 99 4.3 Flow Analysis 103 4.3.1 Flow Analysis Tools 105 4.3.2 Flow Analysis Techniques 109 4.4 Higher-Layer Traffic Analysis 120 4.4.1 A Few Common Higher-Layer Protocols 120 4.4.2 Higher-Layer Analysis Tools 129 4.4.3 Higher-Layer Analysis Techniques 131 4.5 Conclusion 133 4.6 Case Study: Ann s Rendezvous 135 4.6.1 Analysis: Protocol Summary 135 4.6.2 DHCP Traffic 136 4.6.3 Keyword Search 138 4.6.4 SMTP Analysis—Wireshark 141 4.6.5 SMTP Analysis—TCPFlow 143 4.6.6 SMTP Analysis — Attachment File Carving 146 4.6.7 Viewing the Attachment 147 4.6.8 Finding Ann the Easy Way 150 4.6.9 Timeline 154 4.6.10 Theory of the Case 155 4.6.11 Response to Challenge Questions 155 4.6.12 Next Steps 157 Chapter 5 Statistical Flow Analysis 159 5.1 Process Overview 160 5.2 Sensors 161 5.2.1 Sensor Types 162 5.2.2 Sensor Software 163 5.2.3 Sensor Placement 164 5.4.2 Collection Systems 5.5 Analysis 5.5.1 Flow Record Analysis Techniques 5.5.2 Flow Record Analysis Tools 5.6 Conclusion 5.7 Case Study : The Curious Mr. X 5.7.1 Analysis: First Steps 5.7.2 External Attacker and Port 22 Traffic 5.7.3 The DMZ Victim— 10.30.30.20 (aka 172.30.1.231) 5.7.4 The Internal Victim— 192.30.1.101 5.7.5 Timeline 5.7.6 Theory of the Case 5.7.7 Response to Challenge Questions 5.7.8 Next Steps x Contents 5.2.4 Modifying the Environment 165 5.3 Flow Record Export Protocols 166 5.3.1 NetFlow 166 5.3.2 IPFIX 167 5.3.3 sFlow 167 5.4 Collection and Aggregation 168 5.4.1 Collector Placement and Architecture 169 170 172 172 177 183 184 185 186 189 193 194 195 196 196 Chapter 6 Wireless: Network Forensics Unplugged 199 6.1 The IEEE Layer 2 Protocol Series 201 6.1.1 Why So Many Layer 2 Protocols? 201 6.1.2 The 802.11 Protocol Suite 202 6.1.3 802. IX 212 6.2 Wireless Access Points (WAPs) 214 6.2.1 Why Investigate Wireless Access Points? 214 6.2.2 Types of Wireless Access Points 215 6.2.3 WAP Evidence 218 6.3 Wireless Traffic Capture and Analysis 219 6.3.1 Spectrum Analysis 220 6.3.2 Wireless Passive Evidence Acquisition 221 6.3.3 Analyzing 802.11 Efficiently 222 6.4 Common Attacks 224 6.4.1 Sniffing 224 6.4.2 Rogue Wireless Access Points 225 6.4.3 Evil Twin 227 6.4.4 WEP Cracking 228 6.5 Locating Wireless Devices 229 6.5.1 Gather Station Descriptors 229 6.5.2 Identify Nearby Wireless Access Points 229 6.5.3 Signal Strength 231 6.5.4 Commercial Enterprise Tools 233 6.5.5 Skyhook 6.6 Conclusion 6.7 Case Study : НаскМе, Inc. 6.7.1 Inspecting the WAP 6.7.2 Quick-and-Dirty Statistics 6.7.3 A Closer Look at the Management Frames 6.7.4 A Possible Bad Actor 6.7.5 Timeline 6.7.6 Theory of the Case 6.7.7 Response to Challenge Questions 6.7.8 Next Steps Contents xi 233 235 236 236 242 248 250 251 252 253 255 Chapter 7 Network Intrusion Detection and Analysis 257 7.1 Why Investigate NIDS/NIPS? 258 7.2 Typical NIDS/NIPS Functionality 258 7.2.1 Sniffing 259 7.2.2 Higher-Layer Protocol Awareness 259 7.2.3 Alerting on Suspicious Bits 260 7.3 Modes of Detection 261 7.3.1 Signature-Based Analysis 261 7.3.2 Protocol Awareness 261 7.3.3 Behavioral Analysis 261 7.4 Types of NIDS/NIPSs 262 7.4.1 Commercial 262 7.4.2 Roll-Your-Own 263 7.5 NIDS/NIPS Evidence Acquisition 264 7.5.1 Types of Evidence 264 7.5.2 NIDS/NIPS Interfaces 266 7.6 Comprehensive Packet Logging 267 7.7 Snort 268 268 269 269 273 275 276 277 278 279 281 283 284 285 286 287 7.7.1 Basic Architecture 7.7.2 Configuration 7.7.3 Snort Rule Language 7.7.4 Examples 7.8 Conclusion 7.9 Case Study : InterOptic Saves the Planet (Part 1 of 2) 7.9.1 Analysis: Snort Alert 7.9.2 Initial Packet Analysis 7.9.3 Snort Rule Analysis 7.9.4 Carving a Suspicous File from Snort Capture 7.9.5 INFO Web Bug Alert 7.9.6 Tcp Window Scale Option Alert 7.9.7 Timeline 7.9.8 Theory of the Case 7.9.9 Next Steps xü Contents Part III Network Devices and Servers 289 Chapter 8 Event Log Aggregation, Correlation, and Analysis 291 8.1 Sources of Logs 292 8.1.1 Operating System Logs 292 8.1.2 Application Logs 300 8.1.3 Physical Device Logs 302 8.1.4 Network Equipment Logs 305 8.2 Network Log Architecture 306 8.2.1 Three Types of Logging Architectures 306 8.2.2 Remote Logging: Common Pitfalls and Strategies 308 8.2.3 Log Aggregation and Analysis Tools 309 8.3 Collecting and Analyzing Evidence 311 8.3.1 Obtain Information 311 313 314 316 317 317 318 319 319 322 323 324 325 328 330 332 332 333 335 336 336 337 337 338 338 340 340 341 341 343 344 8.3.2 Strategize 8.3.3 Collect Evidence 8.3.4 Analyze 8.3.5 Report 8.4 Conclusion 8.5 Case Study ■: LOne Sh4rk s Revenge 8.5.1 Analysis: First Steps 8.5.2 Visualizing Failed Login Attempts 8.5.3 Targeted Accounts 8.5.4 Successful Logins 8.5.5 Activity Following Compromise 8.5.6 Firewall Logs 8.5.7 The Internal Victim— 192.30.1.101 8.5.8 Timeline 8.5.9 Theory of the Case 8.5.10 Response to Challenge Questions 8.5.11 Next Steps Chapter 9 Switches, Routers, and Firewalls 9.1 Storage Media 9.2 Switches 9.2.1 Why Investigate Switches? 9.2.2 Content-Add ressa ble Memory Table 9.2.3 Address Resolution Protocol 9.2.4 Types of Switches 9.2.5 Switch Evidence 9.3 Routers 9.3.1 Why Investigate Routers? 9.3.2 Types of Routers 9.3.3 Router Evidence 9.4 Firewalls Contents xm 344 344 347 348 348 349 350 351 351 352 352 353 354 355 355 356 357 358 359 360 364 365 367 367 Chapter 10 Web Proxies 369 10.1 Why Investigate Web Proxies? 369 10.2 Web Proxy Functionality 371 10.2.1 Caching 371 10.2.2 URI Filtering 373 10.2.3 Content Filtering 373 10.2.4 Distributed Caching 374 10.3 Evidence 375 10.3.1 Types of Evidence 375 10.3.2 Obtaining Evidence 376 10.4 Squid 377 10.4.1 Squid Configuration 377 10.4.2 Squid Access Logfile 378 10.4.3 Squid Cache 379 10.5 Web Proxy Analysis 381 10.5.1 Web Proxy Log Analysis Tools 381 10.5.2 Example: Dissecting a Squid Disk Cache 384 10.6 Encrypted Web Traffic 392 10.6.1 Transport Layer Security (TLS) 394 10.6.2 Gaining Access to Encrypted Content 396 9. .4.1 Why Investigate Firewalls? 9 .4.2 Types of Firewalls 9. .4.3 Firewall Evidence 9.5 Interfaces 9 .5.1 Web Interface 9 .5.2 Console Command-Line Interface (CLI) 9.5.3 Remote Command-Line Interface 9 .5.4 Simple Network Management Protocol (SNMP) 9.5.5 Proprietary Interface 9.6 Logging 9 .6.1 Local Logging 9 .6.2 Simple Network Management Protocol 9 .6.3 syslog 9 .6.4 Authentication, Authorization, and Accounting Logging 9.7 Conclusion 9.8 Case Study: Ann s Coffee Ring 9 .8.1 Firewall Diagnostic Commands 9 .8.2 DHCP Server Logs 9 .8.3 The Firewall ACLs 9 .8.4 Firewall Log Analysis 9 .8.5 Timeline 9 .8.6 Theory of the Case 9 .8.7 Responses to Challenge Questions 9 .8.8 Next Steps 10.6. .3 Commercial TLS/SSL Interception Tools 10.7 Conclusion 10.8 Case Study: InterOptic Saves the Planet (Part 2 of 2) 10.8. .1 Analysis: pwny.jpg 10.8. .2 Squid Cache Page Extraction 10.8. .3 Squid Access.log File 10.8. .4 Further Squid Cache Analysis 10.8. 5 Timeline 10.8. 6 Theory of the Case 10.8. .7 Response to Challenge Questions 10.8. .8 Next Steps xiv Contents 400 401 402 403 405 408 411 415 417 418 419 Part IV Advanced Topics 421 Chapter 11 Network Tunneling 423 11.1 Tunneling for Functionality 423 11.1.1 Background: VLAN Trunking 424 11.1.2 Inter-Switch Link (ISL) 424 11.1.3 Generic Routing Encapsulation (GRE) 425 11.1.4 IPv6 over IPv4 with Teredo 425 11.1.5 Implications for the Investigator 426 11.2 Tunneling for Confidentiality 427 11.2.1 Internet Protocol Security (IPsec) 427 11.2.2 Transport Layer Security (TLS) and Secure Socket Layer (SSL) 428 11.2.3 Implications for the Investigator 430 11.3 Covert Tunneling 430 11.3.1 Covert Tunneling Strategies 430 11.3.2 TCP Sequence Numbers 430 11.3.3 DNS Tunnels 431 11.3.4 ICMP Tunnels 432 11.3.5 Example: ICMP Tunnel Analysis 434 11.3.6 Implications for the Investigator 438 11.4 Conclusion 439 11.5 Case Study: Ann Tunnels Underground 441 11.5.1 Analysis: Protocol Statistics 442 11.5.2 DNS Analysis 443 11.5.3 Quest for Tunneled IP Packets 446 11.5.4 Tunneled IP Packet Analysis 451 11.5.5 Tunneled TCP Segment Analysis 454 11.5.6 Timeline 456 11.5.7 Theory of the Case 456 11.5.8 Response to Challenge Questions 458 11.5.9 Next Steps 459 Contents xv Chapter 12 Malware Forensics 461 12.1 Trends in Malware Evolution 462 12.1.1 Botnets 462 12.1.2 Encryption and Obfuscation 463 12.1.3 Distributed Command-and-Control Systems 465 12.1.4 Automatic Self-Updates 469 12.1.5 Metamorphic Network Behavior 472 12.1.6 Blending Network Activity 477 12.1.7 Fast-Flux DNS 479 12.1.8 Advanced Persistent Threat (APT) 480 12.2 Network Behavior of Malware 484 12.2.1 Propagation 485 12.2.2 Command-and-Control Communications 487 12.2.3 Payload Behavior 490 12.3 The Future of Malware and Network Forensics 491 12.4 Case Study: Ann s Aurora 492 12.4.1 Analysis: Intrusion Detection 492 12.4.2 TCP Conversation: 10.10.10.10:4444-10.10.10.70:1036 495 12.4.3 TCP Conversations: 10.10.10.10:4445 502 12.4.4 TCP Conversation: 10.10.10.10:8080-10.10.10.70:1035 508 12.4.5 Timeline 513 12.4.6 Theory of the Case 514 12.4.7 Response to Challenge Questions 515 12.4.8 Next Steps 516 Afterword 519 Index 521
any_adam_object	1
author	Davidoff, Sherri
author_facet	Davidoff, Sherri
author_role	aut
author_sort	Davidoff, Sherri
author_variant	s d sd
building	Verbundindex
bvnumber	BV040287134
callnumber-first	H - Social Science
callnumber-label	HV8079
callnumber-raw	HV8079.C65
callnumber-search	HV8079.C65
callnumber-sort	HV 48079 C65
callnumber-subject	HV - Social Pathology, Criminology
classification_rvk	ST 277
classification_tum	DAT 461f DAT 055f
ctrlnum	(OCoLC)802533569 (DE-599)BVBBV040287134
dewey-full	363.25/968
dewey-hundreds	300 - Social sciences
dewey-ones	363 - Other social problems and services
dewey-raw	363.25/968
dewey-search	363.25/968
dewey-sort	3363.25 3968
dewey-tens	360 - Social problems and services; associations
discipline	Informatik Soziologie
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01877nam a2200493zc 4500</leader><controlfield tag="001">BV040287134</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20121213 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">120702s2012 xxuad\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="a">2012014889</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780132564717</subfield><subfield code="c">hbk.</subfield><subfield code="9">978-0-13-256471-7</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0132564718</subfield><subfield code="c">hardcover : alk. paper</subfield><subfield code="9">0-13-256471-8</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)802533569</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV040287134</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">aacr</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="044" ind1=" " ind2=" "><subfield code="a">xxu</subfield><subfield code="c">US</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-739</subfield><subfield code="a">DE-91G</subfield><subfield code="a">DE-706</subfield><subfield code="a">DE-Aug4</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">HV8079.C65</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">363.25/968</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">DAT 461f</subfield><subfield code="2">stub</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">DAT 055f</subfield><subfield code="2">stub</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Davidoff, Sherri</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Network forensics</subfield><subfield code="b">tracking hackers through cyberspace</subfield><subfield code="c">Sherri Davidoff ; Jonathan Ham</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Upper Saddle River, NJ [u.a.]</subfield><subfield code="b">Prentice Hall</subfield><subfield code="c">2012</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXVII, 545 S.</subfield><subfield code="b">Ill., graph. Darst.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer crimes</subfield><subfield code="x">Investigation</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer hackers</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Forensic sciences</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer crimes</subfield><subfield code="x">Investigation</subfield><subfield code="v">Case studies</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computerforensik</subfield><subfield code="0">(DE-588)4774034-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Internet</subfield><subfield code="0">(DE-588)4308416-3</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="655" ind1=" " ind2="7"><subfield code="0">(DE-588)4522595-3</subfield><subfield code="a">Fallstudiensammlung</subfield><subfield code="2">gnd-content</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computerforensik</subfield><subfield code="0">(DE-588)4774034-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Internet</subfield><subfield code="0">(DE-588)4308416-3</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Ham, Jonathan</subfield><subfield code="e">Sonstige</subfield><subfield code="4">oth</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025142392&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-025142392</subfield></datafield></record></collection>
genre	(DE-588)4522595-3 Fallstudiensammlung gnd-content
genre_facet	Fallstudiensammlung
id	DE-604.BV040287134
illustrated	Illustrated
indexdate	2024-07-10T00:20:49Z
institution	BVB
isbn	9780132564717 0132564718
language	English
lccn	2012014889
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-025142392
oclc_num	802533569
open_access_boolean
owner	DE-739 DE-91G DE-BY-TUM DE-706 DE-Aug4
owner_facet	DE-739 DE-91G DE-BY-TUM DE-706 DE-Aug4
physical	XXVII, 545 S. Ill., graph. Darst.
publishDate	2012
publishDateSearch	2012
publishDateSort	2012
publisher	Prentice Hall
record_format	marc
spelling	Davidoff, Sherri Verfasser aut Network forensics tracking hackers through cyberspace Sherri Davidoff ; Jonathan Ham Upper Saddle River, NJ [u.a.] Prentice Hall 2012 XXVII, 545 S. Ill., graph. Darst. txt rdacontent n rdamedia nc rdacarrier Computer crimes Investigation Computer hackers Forensic sciences Computer crimes Investigation Case studies Computerforensik (DE-588)4774034-6 gnd rswk-swf Internet (DE-588)4308416-3 gnd rswk-swf (DE-588)4522595-3 Fallstudiensammlung gnd-content Computerforensik (DE-588)4774034-6 s Internet (DE-588)4308416-3 s DE-604 Ham, Jonathan Sonstige oth Digitalisierung UB Passau application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025142392&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Davidoff, Sherri Network forensics tracking hackers through cyberspace Computer crimes Investigation Computer hackers Forensic sciences Computer crimes Investigation Case studies Computerforensik (DE-588)4774034-6 gnd Internet (DE-588)4308416-3 gnd
subject_GND	(DE-588)4774034-6 (DE-588)4308416-3 (DE-588)4522595-3
title	Network forensics tracking hackers through cyberspace
title_auth	Network forensics tracking hackers through cyberspace
title_exact_search	Network forensics tracking hackers through cyberspace
title_full	Network forensics tracking hackers through cyberspace Sherri Davidoff ; Jonathan Ham
title_fullStr	Network forensics tracking hackers through cyberspace Sherri Davidoff ; Jonathan Ham
title_full_unstemmed	Network forensics tracking hackers through cyberspace Sherri Davidoff ; Jonathan Ham
title_short	Network forensics
title_sort	network forensics tracking hackers through cyberspace
title_sub	tracking hackers through cyberspace
topic	Computer crimes Investigation Computer hackers Forensic sciences Computer crimes Investigation Case studies Computerforensik (DE-588)4774034-6 gnd Internet (DE-588)4308416-3 gnd
topic_facet	Computer crimes Investigation Computer hackers Forensic sciences Computer crimes Investigation Case studies Computerforensik Internet Fallstudiensammlung
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025142392&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT davidoffsherri networkforensicstrackinghackersthroughcyberspace AT hamjonathan networkforensicstrackinghackersthroughcyberspace

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge