What exactly is network forensics?
As per National Institute of Standards and Technology (NIST), Digital forensics, also known as computer and network forensics, has many definitions. Generally, it is considered the application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data.
Refer to http://csrc.nist.gov/publications/nistpubs/800-86/SP800-86.pdf for more information.
As per WhatIs.com, network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.
Broadly speaking, network forensics, in most ...