This video demonstrates an evidence acquisition process at the data link layer.
- DNS poisoning occurs when an attacker gets access … to a domain name IP address mapping list or database … and alters it for malicious purposes … the concept is very similar to that of app poisoning … the only difference is the scale of the data stored … first of all we use a dedicated server … to store the DNS information … we are talking about millions or even billions of records … we know that the IP address of Linked in is 126.96.36.199 … what if bad guys change the domain name IP mapping … on our DNS server so that it now points to a fake web server … designed to disguise as an authetic linked in website … when suspecting users will type their log in credentials … and the phishing server will steal … their sensitive information … basically this is what we mean by DNS poisoning . … Let me demonstrate this localy on my VM . … Windows OS keeps a file called hosts … which acts like a DNS server … it maintains its own list of domain name and IP addresses … your Operating System or OS will check the host file …
- Goals of network forensics
- Using a syslog and Microsoft Log Parser
- Investigating network traffic
- How protocol analysis works
- ARP and DNS poisoning
- Working with network forensics tools
- Using packet sniffers
Skill Level Intermediate
Learning Cryptography and Network Securitywith Lisa Bock1h 45m Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
What you should know2m 11s
1. Understanding Network Forensics
2. Preparing for a Network Forensics Investigation
3. Investigating Network Events
4. Investigating Network Traffic
5. Network Forensics Tools
Next steps1m 15s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.