Cisco Router and Switch Forensics

Cisco IOS (the software that runs the vast majority of Cisco routers and all Cisco network switches) is the dominant routing platform on the Internet and corporate networks. This widespread distribution, as well as its architectural deficiencies, makes it a valuable target for hackers looking to attack a corporate or private network infrastructure. Compromised devices can disrupt stability, introduce malicious modification, and endanger all communication on the network. For security of the network and investigation of attacks, in-depth analysis and diagnostics are critical, but no book currently covers forensic analysis of Cisco network devices in any detail. 'Cisco Router and Switch Forensics' is the first book devoted to criminal attacks, incident response, data collection, and legal testimony on the market leader in network devices, including routers, switches, and wireless access points.

- Covers forensics analysis of routers and switches focusing on the operating system that runs the vast majority of network devices in the enterprise and on the internet
- Outline the fundamental differences between, router forensics and traditional forensics, a critical distinction for repsonders in an investigation targeting network activity.
- Details where netwrok forensics fits within the entire process of an investigation, end to end, from incident response and data collection to preparing a report and legal testimony
- Includes actual hands-on examples of forensic data gathering
Explains the psychology of dealing with on-site staff while gathering the forensic data
- Contains examples of data security breaches in perimeter networking equipment
- Describes how to strenghten network devices in real world usage
- Demonstrates ,how to use Cisco's Security Device Manager (SDM), Netwrok Assistant, and Web Interface tools to configure advanced security features of routers and switches
- Shows how to use logging features to monitor adn identify security events when they happen