Difference between revisions of "Network forensics"

From ForensicsWiki
Line 1: Line 1:
''Network forensics'' is the process of capturing information that moves over a network and trying to make sense of it in some kind of forensics capacity. A network forensics appliance is a device that automates this process.
+
'''Network forensics''' is the process of capturing information that moves over a [[network]] and trying to make sense of it in some kind of forensics capacity. A [[network forensics appliance]] is a device that automates this process.
  
 
There are both open source and proprietary network forensics systems available.  
 
There are both open source and proprietary network forensics systems available.  
  
 
==Open Source Network Forensics==
 
==Open Source Network Forensics==
Snort
+
 
 +
* [[Snort]]
  
 
==Proprietary Network Forensics==
 
==Proprietary Network Forensics==
Sandstorm's NetIntercept
 
  
NIKSUN's NetDetector
+
* Sandstorm's [[NetIntercept]]
 +
* NIKSUN's [[NetDetector]]
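
Review bot: the first changed line keeps the phrase "in some kind of forensics capacity", which tells the reader little about what the captured traffic is used for; since the sentence is already being edited for bolding and links, this is the place to tighten that wording. In the list changes, "Sandstorm's [[NetIntercept]]" and "NIKSUN's [[NetDetector]]" link only the product name and each entry, like "[[Snort]]", has no description, so a few words per bullet on what the tool captures or analyses would make the two sections more useful than bare names.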

Revision as of 03:38, 24 March 2006

Network forensics is the process of capturing information that moves over a network and trying to make sense of it in some kind of forensics capacity. A network forensics appliance is a device that automates this process.

There are both open source and proprietary network forensics systems available.

Open Source Network Forensics

Proprietary Network Forensics