DI 2006

A portable network forensic evidence collector

A small, portable network forensic evidence collection device is presented, built from inexpensive embedded hardware and open source software. The device offers several modes of operation for different live network evidence collection scenarios involving single network nodes. These include promiscuous packet capture to enhance evidence collection from remote network sources, such as websites or other remote services. The device operates at the link layer, which allows it to be inserted transparently inline between a network node and the rest of the network. It is simple to deploy and requires no reconfiguration of the node or of the surrounding network infrastructure. The device can be preconfigured in the forensics lab and its deployment delegated to staff not specifically trained in forensics. Details of the architecture, construction and operation are described. Special attention is given to the information security aspects of live network evidence collection.
Bruce J. Nikkel
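The inline, link-layer insertion and promiscuous capture described in the abstract, as an added example that is not from the paper or from its device: two NICs of a Linux box are joined into a bridge that carries no IP address, so the monitored node and the uplink keep talking over the same layer-2 segment and nothing on either side has to be reconfigured. Capture runs on the bridge, and the finished capture files are sealed with a SHA-256 manifest so the lab can show they were not altered after collection. Interface names, the bridge name, the evidence directory and the file names are assumptions; the `DRY_RUN` switch only exists so the privileged commands can be inspected without root.

```shell
#!/bin/sh
# Added example, not the paper's own code. Minimal inline evidence collector:
# transparent layer-2 bridge + promiscuous capture + integrity manifest.
# Interface/bridge/directory names below are assumptions for illustration.
# Set DRY_RUN=1 to print the privileged ip/tcpdump commands instead of running them.

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# setup_inline_bridge NODE_IF UPLINK_IF BRIDGE
# Builds the transparent bridge. There is deliberately no 'ip addr add':
# the collector has no layer-3 presence, cannot be addressed from the
# network it is inserted into, and the node keeps its existing IP settings.
setup_inline_bridge() {
    node_if=$1; uplink_if=$2; br=$3
    run ip link add name "$br" type bridge
    run ip link set dev "$node_if" master "$br"
    run ip link set dev "$uplink_if" master "$br"
    # Promiscuous mode on the member ports: frames not addressed to the
    # collector's own MACs must still reach the capture socket.
    run ip link set dev "$node_if" promisc on up
    run ip link set dev "$uplink_if" promisc on up
    run ip link set dev "$br" up
}

# start_capture BRIDGE OUTDIR
# tcpdump on the bridge sees both directions of the node's traffic.
# -s 0 keeps full frames; -n avoids name lookups that would generate
# traffic of their own; -C/-W rotate into files of 100 MB so a long
# deployment does not end up as one unmanageable capture. Runs until
# interrupted, so invoke it last (or under nohup) on the device.
start_capture() {
    br=$1; outdir=$2
    run mkdir -p "$outdir"
    run tcpdump -i "$br" -s 0 -n -C 100 -W 50 -w "$outdir/capture.pcap"
}

# seal_capture OUTDIR
# Writes MANIFEST.sha256 (plain sha256sum format) over every capture file
# and a SEAL.txt recording who sealed it, when (UTC) and on which host.
# Kept as two files so the checksum list stays readable by 'sha256sum -c'.
seal_capture() {
    outdir=$1
    (cd "$outdir" && sha256sum capture.pcap* > MANIFEST.sha256)
    printf 'sealed_utc=%s\noperator=%s\nhost=%s\n' \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$(id -un)" "$(uname -n)" \
        > "$outdir/SEAL.txt"
}

# verify_capture OUTDIR
# Succeeds only if every capture file still matches the sealed manifest.
verify_capture() {
    (cd "$1" && sha256sum -c MANIFEST.sha256 >/dev/null)
}
```

On the device this is sourced and driven as `setup_inline_bridge eth0 eth1 br0`, `start_capture br0 /evidence/case-001` and, once capture is stopped, `seal_capture /evidence/case-001`; the lab runs `verify_capture` on the copied directory before analysis. Two caveats of this approach, independent of the paper: a software bridge is a single point of failure for the node's connectivity (if the collector loses power, the link is cut, unlike a hardware tap with fail-open), and the manifest proves integrity only from the moment of sealing, so `SEAL.txt` and the manifest should be copied off the device or signed before the device leaves the scene.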
Added 11 Dec 2010
Updated 11 Dec 2010
Type Journal
Year 2006
Where DI
Authors Bruce J. Nikkel