© The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature 2023
K. CardwellTactical Wiresharkhttps://doi.org/10.1007/978-1-4842-9291-4_12

12. Network Traffic Forensics

Kevin Cardwell1  
California, CA, USA

In this chapter, we will review different characteristics of network connections and the traffic that is generated. It is an expansion on earlier topics as we need to extract the information from the communication traffic and identify what needs to be extracted from the data to be collected in a forensically sound manner.

Chain of Custody

As we have mentioned before, we need to ensure that we maintain a Chain of Custody document. You might be wondering, what is the risk? The reality is if you do not have the document ...

Get Tactical Wireshark: A Deep Dive into Intrusion Analysis, Malware Incidents, and Extraction of Forensic Evidence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.