Chapter 9. Network Investigations
Eoghan Casey, Christopher Daywalt, Andy Johnston and Terrance Maguire

Contents

Introduction437
Overview of Enterprise Networks439
Overview of Protocols442
8A 502 HTTP response code does not necessarily mean that the request failed. The requestor may have obtained some information.
Evidence Preservation on Networks457
Collecting and Interpreting Network Device Configuration458
Forensic Examination of Network Traffic479
Network Log Correlation— A Technical Perspective505
Conclusion516
References516

Introduction

Tracking down computer criminals generally requires digital investigators to follow the cybertrail between the crime scene and the offender's computer. The cybertrail can cross multiple networks and geographical ...

Get Handbook of Digital Forensics and Investigation now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.