DedicationForewordPrefaceGetting StartedChapter 1: Network Security Monitoring RationaleChapter 2: Collecting Network Traffic: Access, Storage, and ManagementSecurity Onion DeploymentChapter 3: Stand-alone NSM Deployment and InstallationChapter 4: Distributed DeploymentChapter 5: SO Platform HousekeepingToolsChapter 6: Command Line Packet Analysis ToolsChapter 7: Graphical Packet Analysis ToolsChapter 8: NSM ConsolesNSM in ActionChapter 9: NSM OperationsChapter 10: Server-side CompromiseChapter 11: Client-side CompromiseChapter 12: Extending SOChapter 13: Proxies and ChecksumsConclusionSO Scripts and ConfigurationColophonUpdates
Richard Bejtlich is Chief Security Strategist at FireEye, and was formerly Chief Security Officer at Mandiant. He also served as Director of Incident Response for General Electric, where he built and led the 40-member GE Computer Incident Response Team (GE-CIRT). He is a graduate of Harvard University and the United States Air Force Academy. His previous works include The Tao of Network Security Monitoring, Extrusion Detection, and Real Digital Forensics (all from Addison-Wesley). He blogs (http-//taosecurity.blogspot.com/) and writes on Twitter as @taosecurity.
Ask a Question About this Product More... |