Cisco Switch Forensics_ Investigating Analyzing Ma

文件名称: Cisco Switch Forensics_ Investigating Analyzing Malicious Network Activity

所属分类: 网络基础

开发工具:

文件大小: 10mb

下载次数: 0

上传时间: 2019-08-22

提供者: drji*****

下载 (10mb)

不能下载？报告错误

详细说明： About This Book Before we can delve into the world of conducting router and switch forensics on Cisco devices, we need to discuss what makes a network secure. Thirty years ago we were using mainframe computers and “security” meant nothing more than the fact that a physical wall separated the people who worked with the data from the machines storing that data. As PCs and local area networks (LANs) have gained acceptance over the years, securing data and resources has become more difficult. Routers and switches are the devices that join PCs on a LAN and that join LANs over the Internet. Since Cisco is one of the market leaders in supplying these devices, its products have become the targets of miscreants who are attempting to break into companies’ secure networks. By reading this book, you will learn how to recognize an incident (breach), how to gather evidence of the incident, how to get the appropriate local, state, or federal agencies involved, and how to present your case. In this introduction, we will discuss secure network design and Cisco’s role in router and switch forensics. We will also discuss the equipment we’ll be using for the examples in the book, as well as introduce the incident that we will investigate. In later chapters, we will discuss what it takes to set up routers and switches. Defining a Secure Network Network security is becoming increasingly important as more people send private data over the public Internet. As you define network infrastructure, you need to consider security, logging, and forensic data–gathering methodologies up front. In this section, we will discuss options for defining a secure network. Network Architectures Network architectures exist in many forms ; however, the most common topology in use today is the star topology, of which there are two types: the flat topology LAN, shown in Figure 1, and the zoned trust topology, shown in Figure 2. The key difference between the two types of network architectures is the use of additional firewalls inside the LAN to secure sensitive resources from attacks initiated inside the LAN.

(系统自动生成,下载前可以参看下载内容)