O'Reilly logo

Learning Network Forensics by Samir Datt

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary

This chapter, though a bit long, has exposed us to three very important components of any network. As network forensic investigators, you learned about the underlying technologies and sources of evidence obtainable from proxies, firewalls, and routers. You also learned the roles they play in the big scheme of things and understood how and where the evidence resides.

We took a look at the Squid proxy server and different log formats that are prevalent for each of these components. We developed an understanding of the different fields in the log file and what each of these fields represent. We also gained an insight into the key role the routers play, the persistent and volatile memory that they have, the logs, as well as the importance of ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required