Chapter 11: Network Analysis
We're at the last chapter now but, instead of slowing things down, I believe in finishing strong. Let's have a go at some network forensics.
We've done quite a bit of acquisition and analysis thus far, including hard drive, storage, RAM, and swap file analysis, to acquire, document, and analyze evidence in the hope of finding or recovering artifacts. Let's go a step further by analyzing protocols and network communication, as they may also yield useful artifacts that can aid us in our investigations.
Seeing that some incidents and crimes occur over the internet, or even a Local Area Network (LAN), capturing and analyzing network traffic should be an essential part of our investigative process. Packet captures can be ...