Chapter 2. Capturing Network Traffic
Information in This Chapter
In this chapter, we learn about capturing live network forensics data. In other chapters, we discuss about searching for artifacts of network activity wherever they may exist throughout the network; but for now, we will focus on capturing live network traffic. Changes in network technology have severely limited the useful application of the live network traffic capture. For example, a host running a sniffer in a switched environment or wireless network will only see traffic addressed to itself and broadcast traffic even if the sniffer is running in ...
Get Digital Forensics for Network, Internet, and Cloud Computing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.