Cisco router and switch forensics: investigating and analyzing malicious network activity
Cisco IOS (the software that runs the vast majority of Cisco routers and all Cisco network switches) is the dominant routing platform on the Internet and corporate networks. This widespread distribution, as well as its architectural deficiencies, makes it a valuable target for hackers looking to att...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Elektronisch E-Book |
| Sprache: | English |
| Veröffentlicht: |
Burlington, MA
Syngress
© 2009
|
| Schlagworte: | |
| Online-Zugang: | BTU01 FLA01 Volltext |
| Zusammenfassung: | Cisco IOS (the software that runs the vast majority of Cisco routers and all Cisco network switches) is the dominant routing platform on the Internet and corporate networks. This widespread distribution, as well as its architectural deficiencies, makes it a valuable target for hackers looking to attack a corporate or private network infrastructure. Compromised devices can disrupt stability, introduce malicious modification, and endanger all communication on the network. For security of the network and investigation of attacks, in-depth analysis and diagnostics are critical, but no book currently covers forensic analysis of Cisco network devices in any detail. Cisco Router and Switch Forensics is the first book devoted to criminal attacks, incident response, data collection, and legal testimony on the market leader in network devices, including routers, switches, and wireless access points. Why is this focus on network devices necessary? Because criminals are targeting networks, and network devices require a fundamentally different approach than the process taken with traditional forensics. By hacking a router, an attacker can bypass a network?s firewalls, issue a denial of service (DoS) attack to disable the network, monitor and record all outgoing and incoming traffic, or redirect that communication anywhere they like. But capturing this criminal activity cannot be accomplished with the tools and techniques of traditional forensics. While forensic analysis of computers or other traditional media typically involves immediate shut-down of the target machine, creation of a duplicate, and analysis of static data, this process rarely recovers live system data. So, when an investigation focuses on live network activity, this traditional approach obviously fails. Investigators must recover data as it is transferred via the router or switch, because it is destroyed when the network device is powered down. In this case, following the traditional approach outlined in books on general computer forensics techniques is not only insufficient, but also essentially harmful to an investigation. Jargon buster: A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). A router is a more sophisticated network device that joins multiple wired or wireless networks together. |
| Beschreibung: | Includes bibliographical references and index |
| Beschreibung: | 1 Online-Ressource (xi, 504 Seiten) Illustrationen |
| ISBN: | 9781597494182 1597494186 |
Internformat
MARC
| LEADER | 00000nmm a2200000zc 4500 | ||
|---|---|---|---|
| 001 | BV046125318 | ||
| 003 | DE-604 | ||
| 005 | 20230614 | ||
| 007 | cr|uuu---uuuuu | ||
| 008 | 190827s2009 |||| o||u| ||||||eng d | ||
| 015 | |a GBA906611 |2 dnb | ||
| 020 | |a 9781597494182 |9 978-1-59749-418-2 | ||
| 020 | |a 1597494186 |9 1-59749-418-6 | ||
| 024 | 7 | |a 10.1016/B978-1-59749-418-2.X0001-4 |2 doi | |
| 035 | |a (ZDB-33-ESD)ocn459953626 | ||
| 035 | |a (OCoLC)459953626 | ||
| 035 | |a (DE-599)BVBBV046125318 | ||
| 040 | |a DE-604 |b ger |e rda | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-634 | ||
| 082 | 0 | |a 005.8 |2 22 | |
| 100 | 1 | |a Liu, Dale |e Verfasser |4 aut | |
| 245 | 1 | 0 | |a Cisco router and switch forensics |b investigating and analyzing malicious network activity |c Dale Liu, lead author and technical editor ; James Burton [and others] |
| 264 | 1 | |a Burlington, MA |b Syngress |c © 2009 | |
| 300 | |a 1 Online-Ressource (xi, 504 Seiten) |b Illustrationen | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b c |2 rdamedia | ||
| 338 | |b cr |2 rdacarrier | ||
| 500 | |a Includes bibliographical references and index | ||
| 520 | |a Cisco IOS (the software that runs the vast majority of Cisco routers and all Cisco network switches) is the dominant routing platform on the Internet and corporate networks. This widespread distribution, as well as its architectural deficiencies, makes it a valuable target for hackers looking to attack a corporate or private network infrastructure. Compromised devices can disrupt stability, introduce malicious modification, and endanger all communication on the network. For security of the network and investigation of attacks, in-depth analysis and diagnostics are critical, but no book currently covers forensic analysis of Cisco network devices in any detail. Cisco Router and Switch Forensics is the first book devoted to criminal attacks, incident response, data collection, and legal testimony on the market leader in network devices, including routers, switches, and wireless access points. | ||
| 520 | |a Why is this focus on network devices necessary? Because criminals are targeting networks, and network devices require a fundamentally different approach than the process taken with traditional forensics. By hacking a router, an attacker can bypass a network?s firewalls, issue a denial of service (DoS) attack to disable the network, monitor and record all outgoing and incoming traffic, or redirect that communication anywhere they like. But capturing this criminal activity cannot be accomplished with the tools and techniques of traditional forensics. While forensic analysis of computers or other traditional media typically involves immediate shut-down of the target machine, creation of a duplicate, and analysis of static data, this process rarely recovers live system data. So, when an investigation focuses on live network activity, this traditional approach obviously fails. | ||
| 520 | |a Investigators must recover data as it is transferred via the router or switch, because it is destroyed when the network device is powered down. In this case, following the traditional approach outlined in books on general computer forensics techniques is not only insufficient, but also essentially harmful to an investigation. Jargon buster: A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). A router is a more sophisticated network device that joins multiple wired or wireless networks together. | ||
| 650 | 7 | |a COMPUTERS / Internet / Security |2 bisacsh | |
| 650 | 7 | |a COMPUTERS / Networking / Security |2 bisacsh | |
| 650 | 7 | |a COMPUTERS / Security / General |2 bisacsh | |
| 650 | 7 | |a Computer crimes / Investigation |2 fast | |
| 650 | 7 | |a Computer networks / Security measures |2 fast | |
| 650 | 7 | |a Routers (Computer networks) |2 fast | |
| 650 | 4 | |a Computer networks / Security measures | |
| 650 | 4 | |a Routers (Computer networks) | |
| 650 | 4 | |a Computer crimes / Investigation | |
| 650 | 4 | |a Computer networks |x Security measures | |
| 650 | 4 | |a Routers (Computer networks) | |
| 650 | 4 | |a Computer crimes |x Investigation | |
| 776 | 0 | 8 | |i Erscheint auch als |n Druck-Ausgabe, Paperback |z 978-0-08-095384-7 |
| 856 | 4 | 0 | |u http://www.sciencedirect.com/science/book/9781597494182 |x Verlag |z URL des Erstveröffentlichers |3 Volltext |
| 912 | |a ZDB-33-ESD | ||
| 999 | |a oai:aleph.bib-bvb.de:BVB01-031505772 | ||
| 966 | e | |u https://www.sciencedirect.com/book/9781597494182/cisco-router-and-switch-forensics |l BTU01 |p ZDB-33-ESD |q BTU_Kauf |x Verlag |3 Volltext | |
| 966 | e | |u http://www.sciencedirect.com/science/book/9781597494182 |l FLA01 |p ZDB-33-ESD |q FLA_PDA_ESD |x Verlag |3 Volltext | |
Datensatz im Suchindex
| _version_ | 1804180444315385856 |
|---|---|
| any_adam_object | |
| author | Liu, Dale |
| author_facet | Liu, Dale |
| author_role | aut |
| author_sort | Liu, Dale |
| author_variant | d l dl |
| building | Verbundindex |
| bvnumber | BV046125318 |
| collection | ZDB-33-ESD |
| ctrlnum | (ZDB-33-ESD)ocn459953626 (OCoLC)459953626 (DE-599)BVBBV046125318 |
| dewey-full | 005.8 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 005 - Computer programming, programs, data, security |
| dewey-raw | 005.8 |
| dewey-search | 005.8 |
| dewey-sort | 15.8 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| format | Electronic eBook |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>04644nmm a2200565zc 4500</leader><controlfield tag="001">BV046125318</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20230614 </controlfield><controlfield tag="007">cr|uuu---uuuuu</controlfield><controlfield tag="008">190827s2009 |||| o||u| ||||||eng d</controlfield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">GBA906611</subfield><subfield code="2">dnb</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781597494182</subfield><subfield code="9">978-1-59749-418-2</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1597494186</subfield><subfield code="9">1-59749-418-6</subfield></datafield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1016/B978-1-59749-418-2.X0001-4</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(ZDB-33-ESD)ocn459953626</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)459953626</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV046125318</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-634</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Liu, Dale</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Cisco router and switch forensics</subfield><subfield code="b">investigating and analyzing malicious network activity</subfield><subfield code="c">Dale Liu, lead author and technical editor ; James Burton [and others]</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Burlington, MA</subfield><subfield code="b">Syngress</subfield><subfield code="c">© 2009</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 Online-Ressource (xi, 504 Seiten)</subfield><subfield code="b">Illustrationen</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes bibliographical references and index</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Cisco IOS (the software that runs the vast majority of Cisco routers and all Cisco network switches) is the dominant routing platform on the Internet and corporate networks. This widespread distribution, as well as its architectural deficiencies, makes it a valuable target for hackers looking to attack a corporate or private network infrastructure. Compromised devices can disrupt stability, introduce malicious modification, and endanger all communication on the network. For security of the network and investigation of attacks, in-depth analysis and diagnostics are critical, but no book currently covers forensic analysis of Cisco network devices in any detail. Cisco Router and Switch Forensics is the first book devoted to criminal attacks, incident response, data collection, and legal testimony on the market leader in network devices, including routers, switches, and wireless access points. </subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Why is this focus on network devices necessary? Because criminals are targeting networks, and network devices require a fundamentally different approach than the process taken with traditional forensics. By hacking a router, an attacker can bypass a network?s firewalls, issue a denial of service (DoS) attack to disable the network, monitor and record all outgoing and incoming traffic, or redirect that communication anywhere they like. But capturing this criminal activity cannot be accomplished with the tools and techniques of traditional forensics. While forensic analysis of computers or other traditional media typically involves immediate shut-down of the target machine, creation of a duplicate, and analysis of static data, this process rarely recovers live system data. So, when an investigation focuses on live network activity, this traditional approach obviously fails. </subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Investigators must recover data as it is transferred via the router or switch, because it is destroyed when the network device is powered down. In this case, following the traditional approach outlined in books on general computer forensics techniques is not only insufficient, but also essentially harmful to an investigation. Jargon buster: A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). A router is a more sophisticated network device that joins multiple wired or wireless networks together. </subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS / Internet / Security</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS / Networking / Security</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS / Security / General</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer crimes / Investigation</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networks / Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Routers (Computer networks)</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks / Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Routers (Computer networks)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer crimes / Investigation</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Routers (Computer networks)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer crimes</subfield><subfield code="x">Investigation</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Druck-Ausgabe, Paperback</subfield><subfield code="z">978-0-08-095384-7</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">http://www.sciencedirect.com/science/book/9781597494182</subfield><subfield code="x">Verlag</subfield><subfield code="z">URL des Erstveröffentlichers</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-33-ESD</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-031505772</subfield></datafield><datafield tag="966" ind1="e" ind2=" "><subfield code="u">https://www.sciencedirect.com/book/9781597494182/cisco-router-and-switch-forensics</subfield><subfield code="l">BTU01</subfield><subfield code="p">ZDB-33-ESD</subfield><subfield code="q">BTU_Kauf</subfield><subfield code="x">Verlag</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="966" ind1="e" ind2=" "><subfield code="u">http://www.sciencedirect.com/science/book/9781597494182</subfield><subfield code="l">FLA01</subfield><subfield code="p">ZDB-33-ESD</subfield><subfield code="q">FLA_PDA_ESD</subfield><subfield code="x">Verlag</subfield><subfield code="3">Volltext</subfield></datafield></record></collection> |
| id | DE-604.BV046125318 |
| illustrated | Not Illustrated |
| indexdate | 2024-07-10T08:35:51Z |
| institution | BVB |
| isbn | 9781597494182 1597494186 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-031505772 |
| oclc_num | 459953626 |
| open_access_boolean | |
| owner | DE-634 |
| owner_facet | DE-634 |
| physical | 1 Online-Ressource (xi, 504 Seiten) Illustrationen |
| psigel | ZDB-33-ESD ZDB-33-ESD BTU_Kauf ZDB-33-ESD FLA_PDA_ESD |
| publishDate | 2009 |
| publishDateSearch | 2009 |
| publishDateSort | 2009 |
| publisher | Syngress |
| record_format | marc |
| spelling | Liu, Dale Verfasser aut Cisco router and switch forensics investigating and analyzing malicious network activity Dale Liu, lead author and technical editor ; James Burton [and others] Burlington, MA Syngress © 2009 1 Online-Ressource (xi, 504 Seiten) Illustrationen txt rdacontent c rdamedia cr rdacarrier Includes bibliographical references and index Cisco IOS (the software that runs the vast majority of Cisco routers and all Cisco network switches) is the dominant routing platform on the Internet and corporate networks. This widespread distribution, as well as its architectural deficiencies, makes it a valuable target for hackers looking to attack a corporate or private network infrastructure. Compromised devices can disrupt stability, introduce malicious modification, and endanger all communication on the network. For security of the network and investigation of attacks, in-depth analysis and diagnostics are critical, but no book currently covers forensic analysis of Cisco network devices in any detail. Cisco Router and Switch Forensics is the first book devoted to criminal attacks, incident response, data collection, and legal testimony on the market leader in network devices, including routers, switches, and wireless access points. Why is this focus on network devices necessary? Because criminals are targeting networks, and network devices require a fundamentally different approach than the process taken with traditional forensics. By hacking a router, an attacker can bypass a network?s firewalls, issue a denial of service (DoS) attack to disable the network, monitor and record all outgoing and incoming traffic, or redirect that communication anywhere they like. But capturing this criminal activity cannot be accomplished with the tools and techniques of traditional forensics. While forensic analysis of computers or other traditional media typically involves immediate shut-down of the target machine, creation of a duplicate, and analysis of static data, this process rarely recovers live system data. So, when an investigation focuses on live network activity, this traditional approach obviously fails. Investigators must recover data as it is transferred via the router or switch, because it is destroyed when the network device is powered down. In this case, following the traditional approach outlined in books on general computer forensics techniques is not only insufficient, but also essentially harmful to an investigation. Jargon buster: A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). A router is a more sophisticated network device that joins multiple wired or wireless networks together. COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer crimes / Investigation fast Computer networks / Security measures fast Routers (Computer networks) fast Computer networks / Security measures Routers (Computer networks) Computer crimes / Investigation Computer networks Security measures Computer crimes Investigation Erscheint auch als Druck-Ausgabe, Paperback 978-0-08-095384-7 http://www.sciencedirect.com/science/book/9781597494182 Verlag URL des Erstveröffentlichers Volltext |
| spellingShingle | Liu, Dale Cisco router and switch forensics investigating and analyzing malicious network activity COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer crimes / Investigation fast Computer networks / Security measures fast Routers (Computer networks) fast Computer networks / Security measures Routers (Computer networks) Computer crimes / Investigation Computer networks Security measures Computer crimes Investigation |
| title | Cisco router and switch forensics investigating and analyzing malicious network activity |
| title_auth | Cisco router and switch forensics investigating and analyzing malicious network activity |
| title_exact_search | Cisco router and switch forensics investigating and analyzing malicious network activity |
| title_full | Cisco router and switch forensics investigating and analyzing malicious network activity Dale Liu, lead author and technical editor ; James Burton [and others] |
| title_fullStr | Cisco router and switch forensics investigating and analyzing malicious network activity Dale Liu, lead author and technical editor ; James Burton [and others] |
| title_full_unstemmed | Cisco router and switch forensics investigating and analyzing malicious network activity Dale Liu, lead author and technical editor ; James Burton [and others] |
| title_short | Cisco router and switch forensics |
| title_sort | cisco router and switch forensics investigating and analyzing malicious network activity |
| title_sub | investigating and analyzing malicious network activity |
| topic | COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer crimes / Investigation fast Computer networks / Security measures fast Routers (Computer networks) fast Computer networks / Security measures Routers (Computer networks) Computer crimes / Investigation Computer networks Security measures Computer crimes Investigation |
| topic_facet | COMPUTERS / Internet / Security COMPUTERS / Networking / Security COMPUTERS / Security / General Computer crimes / Investigation Computer networks / Security measures Routers (Computer networks) Computer networks Security measures Computer crimes Investigation |
| url | http://www.sciencedirect.com/science/book/9781597494182 |
| work_keys_str_mv | AT liudale ciscorouterandswitchforensicsinvestigatingandanalyzingmaliciousnetworkactivity |