O'Reilly logo

Learning Network Forensics by Samir Datt

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Acquiring the information and evidence

The stage is set, the objectives are clear, it is time for us to get started. As mentioned in the earlier chapters, we needed to have a plan in place; now is the time the plan goes in to action.

However, before we begin, we need to lay a strong emphasis on the way we go about acquiring the information and evidence. A tiny slip up in the way we handle this can have widespread ramifications. Therefore, we need to focus on how to handle this stage.

Important handling guidelines

As you have learned in the earlier chapters, digital evidence is extremely fragile. In fact, just like medicines, digital evidence comes with a expiration date. The impermanence of data in memory, periodicity of log rotation, volatile storage, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required