Analyzing Volatile Data Gathered from a Cisco Router

Once you have your data, you will need to analyze it to determine the cause of the intrusion. Tools such as Nipper, RAT, and CREED can point to problems with the security of the router.

Automated Router Forensics

The more you can automate the processes associated with any forensic examination, the better off you'll be. Forensics is really about a repeatable process. By ensuring a standardized method, you will increase the likelihood that the evidence you have collected will be admissible in court. You have many options for doing this. They primarily involve creating a scripted process or using a process that another person has already created.
Some of the better-known processes include Nipper and ...
