In this chapter, you will learn how to
• Explain why we investigate network traffic; summarize network forensics concepts; and define the terms firewall, honeypot, and IDS
• List various kinds of network vulnerabilities and network attacks, and where to look for and gather evidence for wired and wireless networks
• Analyze the data: how to handle logs as evidence, and how to condense a log file
• Explain the function of log management, the legality of using logs, and combining event and log management to correlate local and remote events
I’ve been involved with IP networking and data communications for a long, long time, as both a software developer and a software and application ...