Skip to main content
main-content
Top

About this book

Cyber Operations walks you through all the processes to set up, defend, and attack computer networks. This book focuses on networks and real attacks, offers extensive coverage of offensive and defensive techniques, and is supported by a rich collection of exercises and resources.

You'll learn how to configure your network from the ground up, starting by setting up your virtual test environment with basics like DNS and active directory, through common network services, and ending with complex web applications involving web servers and backend databases.

Key defensive techniques are integrated throughout the exposition. You will develop situational awareness of your network and will build a complete defensive infrastructure—including log servers, network firewalls, web application firewalls, and intrusion detection systems.

Of course, you cannot truly understand how to defend a network if you do not know how to attack it, so you will attack your test systems in a variety of ways beginning with elementary attacks against browsers and culminating with a case study of the compromise of a defended e-commerce site.

The author, who has coached his university’s cyber defense team three times to the finals of the National Collegiate Cyber Defense Competition, provides a practical, hands-on approach to cyber security.

Table of Contents

Chapter 3. Operational Awareness

Core to successful cyber operations is the ability to maintain the integrity and availability of computer systems and networks. The first step in this process is knowing what is occurring on defended systems and networks. Both Windows and Linux feature tools that provide information about running processes, system users, and network connections. Network traffic between systems can be captured and analyzed with a number of tools, including tcpdump, Wireshark, and Network Miner. In this chapter, the reader will learn what live information is available to a system administrator facing a potentially compromised system or network and will find different indicators of the attacks.
Mike O’Leary
Additional information