Network Forensics — Week 4
This session we learned about the tools needed to find, sample, seal and dissect the evidence obtained. This is an extremely important part of network forensics. The evidence to be investigated can come in many forms, such as a pcap file.
We also learned about flow analysis. Flow analysis is used to locate data in the operating system or to identify patterns in traffic. Several tools can be used for flow analysis: Wireshark, tcpflow, pcapcat and tcpxtract.
Wireshark is available on Windows and Kali Linux. This tool is used to read packet traffic in the operating system and to see the source and destination addresses and the details of the packets captured.
There are also different types of flow analysis techniques:
* list conversation and flow
* export a flow
* file and data carving
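The three techniques above, worked through on a small capture as an added example (not code from the original post): it lists the flows in a pcap, exports one flow's payload, and carves a file out of it by header and footer. The function names and the sample capture are constructed for illustration; the reader assumes a classic pcap with Ethernet/IPv4/TCP frames and joins payloads in capture order rather than by TCP sequence number.

```python
import struct
from collections import defaultdict

def build_pcap(packets):
    """Constructed sample builder: (src, dst, sport, dport, payload) -> Ethernet/IPv4/TCP pcap bytes."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for ts, (src, dst, sport, dport, payload) in enumerate(packets):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def read_flows(pcap):
    """List flows: {(src, sport, dst, dport): TCP payload concatenated in capture order}."""
    end = "<" if pcap[:4] == b"\xd4\xc3\xb2\xa1" else ">"  # byte order of the capture file
    flows, off = defaultdict(bytes), 24                     # skip the 24-byte global header
    while off + 16 <= len(pcap):
        _, _, incl, _ = struct.unpack_from(end + "IIII", pcap, off)
        frame = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                                        # skip anything that is not IPv4/TCP
        ihl, ip_len = (frame[14] & 0x0F) * 4, struct.unpack_from("!H", frame, 16)[0]
        tcp = frame[14 + ihl: 14 + ip_len]
        if len(tcp) < 20:
            continue                                        # truncated TCP header
        sport, dport = struct.unpack_from("!HH", tcp)
        src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
        flows[(src, sport, dst, dport)] += tcp[(tcp[12] >> 4) * 4:]
    return flows

def carve(stream, header, footer):
    """Header/footer carving: return the first header..footer span in an exported flow, or None."""
    start = stream.find(header)
    stop = stream.find(footer, start + len(header)) if start >= 0 else -1
    return stream[start:stop + len(footer)] if stop >= 0 else None

CLIENT, SERVER = ("10.0.0.5", 49152), ("10.0.0.80", 80)  # constructed endpoints
SAMPLE = build_pcap([  # constructed capture: one request, a two-packet response with GIF-like bytes
    (CLIENT[0], SERVER[0], CLIENT[1], SERVER[1], b"GET /logo.gif HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (SERVER[0], CLIENT[0], SERVER[1], CLIENT[1], b"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\n\r\nGIF89a\x01\x02"),
    (SERVER[0], CLIENT[0], SERVER[1], CLIENT[1], b"\x03\x04\x00;"),
])

if __name__ == "__main__":
    for (src, sport, dst, dport), data in read_flows(SAMPLE).items():
        print(f"{src}:{sport} -> {dst}:{dport}  {len(data)} bytes")
```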
Tags: Network Forensic
This entry was posted on Tuesday, October 13th, 2020 at 6:41 pm.