Analyzing Volatile Data Gathered from a Cisco Router

Once you have your data, you will need to analyze it to determine the cause of the intrusion. Tools such as Nipper, RAT, and CREED can point to problems with the security of the router.

Automated Router Forensics

The more you can automate the processes associated with any forensic examination, the better off you'll be. Forensics is really about a repeatable process. By ensuring a standardized method, you will increase the likelihood that the evidence you have collected will be admissible in court. You have many options for doing this. They primarily involve creating a scripted process or using a process that another person has already created.
Some of the better-known processes include Nipper and ...
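One way a scripted process can make the analysis step repeatable, shown as an added example that is not from the book or from any of the tools named above: it splits a saved console capture into per-command records, hashes each one, and reports which checklist commands were never collected. The checklist, the `R1#` prompt, and the sample capture are assumptions constructed for illustration.

```python
import hashlib
import json

# Assumed collection checklist (not from the original text): IOS show commands
# an examiner might require in every capture.
CHECKLIST = ["show clock detail", "show version", "show users", "show ip route"]

# Constructed sample console capture; hostname and output are invented.
SAMPLE = """\
R1#show clock detail
10:15:02.113 UTC Mon Mar 3 2008
Time source is NTP
R1#show version
Cisco IOS Software, constructed sample output
R1#show users
    Line       User       Host(s)              Idle       Location
*  2 vty 0     admin      idle                 00:00:00 192.0.2.10
R1#
"""


def split_transcript(text, prompt="R1#"):
    """Return [(command, output)] in capture order; repeated commands are kept."""
    records = []
    for line in text.splitlines():
        if line.startswith(prompt):
            records.append((line[len(prompt):].strip(), []))
        elif records:
            records[-1][1].append(line)
    return [(cmd, "\n".join(out) + "\n") for cmd, out in records if cmd]


def build_manifest(text, prompt="R1#"):
    """Hash the whole capture and each command's output; list checklist gaps."""
    records = split_transcript(text, prompt)
    seen = [cmd for cmd, _ in records]
    return {
        "transcript_sha256": hashlib.sha256(text.encode()).hexdigest(),
        "outputs": [
            {"command": c, "sha256": hashlib.sha256(o.encode()).hexdigest(), "lines": o.count("\n")}
            for c, o in records
        ],
        "missing": [c for c in CHECKLIST if c not in seen],
    }


if __name__ == "__main__":
    print(json.dumps(build_manifest(SAMPLE), indent=2))
```

Running the same script over every capture produces a manifest whose hashes can be re-verified later, and a non-empty `missing` list shows that a collection run deviated from the standard procedure.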
