From the course: Network Forensics

Network forensics investigation software

- [Male Speaker] A major network forensic tool is software that collects logs. Windows operating systems, or OSs, manage their logs through a program called Event Viewer. Let's try it. Expand the Windows Logs folder. Choose Security. This is where you see suspicious activities such as failed remote access attempts at three in the morning. A workplace may have hundreds and thousands of computers to monitor, which is why we don't want to open the Event Viewer on each computer and check its logs manually like what I just did. A more effective way is to forward the log messages from their source and to store them at a dedicated log server. Simple Network Management Protocol, or SNMP, is the standard used by Windows to support log collection. SNMP allows you to enable an agent program on a Windows machine, which in turn monitors and looks for events to be sent to a central log server. In the SNMP lingo, the messages an SNMP agent generates are called traps. If you want to avoid learning how to…
