
System Forensics, Investigation, and Response by K Rudolph, John R. Vacca


Chapter 11. Performing Network Analysis

Network forensics, as you first read back in Chapter 1, deals with evidence that moves across one or more computer networks. It involves capturing, recording, and analyzing network events. Businesses are marketing advanced networking technologies, such as network-attached storage devices, firewalls, and Gigabit Ethernet, to home users today. Therefore, nearly any computer seized will have been used in a network environment of some type.

Network forensics can involve a variety of digital evidence, including information from router, NetFlow, and firewall logs. Forensics can also involve evidence from the logs of Internet service providers (ISPs), intrusion detection systems, and captured network traffic. This ...
