Similar authors to follow
Manage your follows
About Chris Sanders
Chris Sanders is an information security author, trainer, and researcher originally from Mayfield, KY now living in Gainesville, GA.
He is the founder of Applied Network Defense, a company focused on delivering high quality, accessible information security training. In previous roles, Chris worked with the US Department of Defense, InGuardians, and Mandiant to build security operation centers and train practitioners focused on defending defense, government, and Fortune 500 networks. Chris is also the founder and director of the Rural Technology Fund, a non-profit that donates scholarships and equipment to public schools to further technical education in rural and high poverty areas. To date, the RTF has put computer science education resources into the hands of over 100,000 students in all 50 states.
Chris has authored several books and articles, including the international bestseller “Practical Packet Analysis” from No Starch Press, currently in its third edition and in seven languages, and “Applied Network Security Monitoring” from Syngress. His current research focus is on the intersection of cybersecurity and cognitive psychology with the goal of enhancing the field of infosec investigative disciplines through a better understanding of the human thought and learning processes.
Chris blogs at http://www.chrissanders.org. You can learn more about Applied Network Defense at http://www.networkdefense.co and the RTF at http://www.ruraltechfund.org.
Customers Also Bought Items By
Updated to cover Wireshark 2.x, the third edition of Practical Packet Analysis will teach you to make sense of your packet captures so that you can better troubleshoot network problems. You’ll find added coverage of IPv6 and SMTP, a new chapter on the powerful command line packet analyzers tcpdump and TShark, and an appendix on how to read and reference packet values using a packet map.
Practical Packet Analysis will show you how to:
–Monitor your network in real time and tap live network communications
–Build customized capture and display filters
–Use packet analysis to troubleshoot and resolve common network problems, like loss of connectivity, DNS issues, and slow speeds
–Explore modern exploits and malware at the packet level
–Extract files sent across a network from packet captures
–Graph traffic patterns to visualize the data flowing across your network
–Use advanced Wireshark features to understand confusing captures
–Build statistics and reports to help you better explain technical network information to non-techies
No matter what your level of experience is, Practical Packet Analysis will show you how to use Wireshark to make sense of any network and get things done.
Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM.
Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster.
The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data.
If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job.
- Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analyst
- Provides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and Argus
- Loaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examples
- Companion website includes up-to-date blogs from the authors about the latest developments in NSM