O'Reilly logo

Network Forensics: Tracking Hackers through Cyberspace by Jonathan Ham, Sherri Davidoff

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3. Evidence Acquisition

“Some things are hurrying into existence, and others are hurrying out of it; and of that which is coming into existence part is already extinguished . . . In this flowing stream then, on which there is no abiding, what is there of the things which hurry by on which a man would set a high price?”

The Meditations, by Marcus Aurelius1

1. Thomas Bushnell, “The Meditations,” 1994, http://classics.mit.edu/Antoninus/meditations.mb.txt.

Ideally, we would like to obtain perfect-fidelity evidence, with zero impact on the environment. For copper wires, this would mean only observing changes in voltages without ever modifying them. For fiber cables, this would mean observing the quanta without ever injecting any. For radio ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required