Foreward by Todd Heberlein
Preface (Download PDF)
Part I: Getting Started
Chapter 1: Network Security Monitoring Rationale
Chapter 2: Collecting Network Traffic: Access, Storage, and Management
Part II: Security Onion Deployment
Chapter 3: Stand-alone NSM Deployment and Installation
Chapter 4: Distributed Deployment
Chapter 5: SO Platform Housekeeping
Part III: Tools
Chapter 6: Command Line Packet Analysis Tools
Chapter 7: Graphical Packet Analysis Tools
Chapter 8: NSM Consoles
Part IV: NSM in Action
Chapter 9: NSM Operations
Chapter 10: Server-side Compromise
Chapter 11: Client-side Compromise
Chapter 12: Extending SO
Chapter 13: Proxies and Checksums
Conclusion
Appendix
SO Scripts and Configuration
Index