Wednesday, August 12, 2009

Network Forensics Analysis and Reconstruction Tools

I have come across and used a number of network forensics analysis tools and systems. Below is a list of the common tools that network administrators, forensics analysts and investigators normally use. Of course, some are open source and some are commercially licensed.

Network Packet Sniffer and Analyzer:
Wireshark (the most commonly used packet analyzer on Linux and Windows)
tcpdump/WinDump (another common tool: tcpdump for Linux/Unix, WinDump for Windows)
Kismet (802.11 wireless)
Ettercap
PacketMon
Colasoft Capsa
CommView
WildPackets OmniPeek
KisMAC (802.11 wireless, Mac OS X)

Network Packet Reconstruction Tool:
E-Detective (Real-Time LAN interception and reconstruction system)
EDDC (Offline raw data packets reconstruction system)
Wireless-Detective (Real-Time WLAN interception and reconstruction system)
VoIP-Detective (Voice over IP interception and reconstruction system)
NetworkMiner
Niksun NetDetector
NetWitness
Xplico
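
What separates the second group from the first is reassembly: a sniffer shows you individual frames, while a reconstruction system puts the TCP stream back together so the application data (a web request, a mail, a chat message) can be read. The script below is an added example written for this post, not code from any of the tools listed above. It builds a handful of constructed Ethernet/IPv4/TCP frames (delivered out of order, with one retransmission), writes them as a pcap file in memory, reads the pcap back, and reassembles each direction's payload. The IP addresses, ports and HTTP request are invented for the illustration.

```python
"""Toy packet reconstruction: frames -> pcap -> TCP flows -> ordered payload.
Every packet here is constructed for the example; nothing was captured."""
import struct
from collections import defaultdict

PCAP_MAGIC = 0xA1B2C3D4      # libpcap magic, microsecond timestamps
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def ip_to_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(b):
    return ".".join(str(x) for x in b)


def build_frame(src_ip, dst_ip, sport, dport, seq, payload):
    """Ethernet + IPv4 + TCP frame with dummy MACs and zeroed checksums
    (analyzers would flag the checksums; reassembly does not care)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    # sport, dport, seq, ack, data offset 5 words, flags PSH|ACK, window, csum, urg
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, IPPROTO_TCP, 0,
                     ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    return eth + ip + tcp


def write_pcap(frames):
    """Serialize frames as a pcap file: the input an offline reconstruction tool reads."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1250035200 + i, 0, len(frame), len(frame)) + frame  # ts_sec, ts_usec, incl_len, orig_len
    return out


def read_pcap(data):
    """Yield raw frames; handles only the little-endian Ethernet pcap this example writes."""
    if struct.unpack_from("<I", data, 0)[0] != PCAP_MAGIC:
        raise ValueError("unsupported pcap magic")
    if struct.unpack_from("<I", data, 20)[0] != LINKTYPE_ETHERNET:
        raise ValueError("unsupported link type")
    off = 24
    while off + 16 <= len(data):
        incl_len = struct.unpack_from("<IIII", data, off)[2]
        off += 16
        yield data[off:off + incl_len]
        off += incl_len


def parse_tcp(frame):
    """Return ((src, sport, dst, dport), seq, payload) for a TCP frame, else None."""
    if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
        return None
    ihl = (frame[14] & 0x0F) * 4
    total_len = struct.unpack_from("!H", frame, 16)[0]
    if frame[23] != IPPROTO_TCP:
        return None
    src, dst = bytes_to_ip(frame[26:30]), bytes_to_ip(frame[30:34])
    tcp_off = 14 + ihl
    sport, dport, seq = struct.unpack_from("!HHI", frame, tcp_off)
    data_off = (frame[tcp_off + 12] >> 4) * 4
    return (src, sport, dst, dport), seq, frame[tcp_off + data_off:14 + total_len]


def reassemble(frames):
    """Group segments per direction, order by sequence number, drop bytes already seen.
    Sequence-number wraparound and gaps from lost segments are not handled here."""
    flows = defaultdict(list)
    for frame in frames:
        parsed = parse_tcp(frame)
        if parsed and parsed[2]:
            flows[parsed[0]].append((parsed[1], parsed[2]))
    streams = {}
    for key, segs in flows.items():
        segs.sort()
        buf, next_seq = bytearray(), segs[0][0]
        for seq, payload in segs:
            end = seq + len(payload)
            if end <= next_seq:
                continue                          # pure retransmission
            if seq < next_seq:
                payload = payload[next_seq - seq:]  # overlapping retransmission
            buf += payload
            next_seq = end
        streams[key] = bytes(buf)
    return streams


def demo():
    """Constructed client request split into three segments, delivered 2,1,3 with 1 repeated."""
    client, server = ("10.0.0.5", 40000), ("10.0.0.80", 80)
    chunks = [b"GET /index.html HTTP/1.1\r\n", b"Host: example.test\r\n", b"\r\n"]
    segs, seq = [], 1000
    for c in chunks:
        segs.append((seq, c))
        seq += len(c)
    frames = [build_frame(client[0], server[0], client[1], server[1], s, p)
              for s, p in (segs[1], segs[0], segs[2], segs[0])]
    frames.append(build_frame(server[0], client[0], server[1], client[1], 5000, b"HTTP/1.1 200 OK\r\n\r\nhello"))
    return reassemble(read_pcap(write_pcap(frames)))


if __name__ == "__main__":
    for flow, data in demo().items():
        print(flow, data)
```

Running it prints the client request as one readable block despite the reordering and the duplicate segment, which is exactly the step the reconstruction tools above perform before parsing HTTP, SMTP, or chat protocols on top. The same pcap bytes can be saved to disk and opened in Wireshark or NetworkMiner for comparison.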

In coming write-ups, I will write more about the above tools and some of their applications. Stay tuned!
