Network Packet Analysis

It is important for any forensic analyst to be able to analyze network traffic. Many attacks are live attacks on a network, such as denial of service (DoS) attacks. In this section, you will learn more about network packets, network-based attacks, and tools for analyzing network traffic.

Network Packets

Information that is sent across a network is divided into chunks, called packets. Technically speaking, packets exist in the Open Systems Interconnection (OSI) model at Layer 3 and are typically formatted according to the Internet Protocol (IP)—though many other protocols and their unique formats may also be encountered. Packets are divided into two parts: the header and the payload. If you think in terms of an envelope, ...
