Most of us who work in the security world have at one time or another looked at the raw output of a firewall, IDS, or other type of security device. That output invariably leads to viewing packets directly as part of an investigation. Packet forensics can be a difficult and time-consuming endeavour. For that reason, many of us prefer convenient tools such as Ethereal to facilitate our analysis. There is a notable problem with this approach, however.

This was an amazing piece of information for anybody who wants to know what exactly is happening with TCP packets. Really helpful.
A must-read topic for any CISSP learners!
Thanks
Aju Thomas
Network Analyst
Siemens, India