From the course: Network Forensics


Understanding network data sources


- [Narrator] As cyber criminals expand their territory on the internet, the demand for evidence data in network forensics is also rapidly growing. None of the mainstream network forensics tools can function optimally without access to several data sources. Therefore, readily available data in various origins is crucial in producing satisfactory and meaningful network forensics reports. Network forensics data comes from many different places, including software, hardware, and media. Packet sniffers are the most obvious data source. They capture live packets that could contain criminal evidence such as stolen information and traces of intrusion attempts. Sniffing can occur at hosts, switches, and routers. Firewalls are another data source and create log entries whenever they drop a packet. They are the first line of defense in network security, and also one of the biggest targets for cyber security attacks. Intrusion Detection Systems, or IDS, and Intrusion Prevention Systems, or…
