Re: digital surveillance techniques for forensics/penetration

From: Eoghan Casey (eco_at_corpus-delicti.com)
Date: 01/23/04

  • Next message: Jerry Shenk: "RE: digital surveillance techniques for forensics/penetration"
    Date: Fri, 23 Jan 2004 09:12:44 -0500
    To: forensics@securityfocus.com
    
    

    Kerri,

    On the open source side, you can use Tcpflow
    (http://www.circlemud.org/~jelson/software/tcpflow/) or Ethereal
    (www.ethereal.com). Two solid commercial tools are NetDetector
    (www.niksun.com) and NetIntercept (www.sandstorm.net).

    I wrote a paper comparing several open source and commercial tools for
    this purpose - it will be published next month in the first issue of
    Digital Investigation. You can request a free copy of the first issue at
    http://www.compseconline.com/digitalinvestigation/.

    Eoghan Casey

    Kerri Sharp wrote:

    >Hi List
    >
    >Anyone know of the tool which reconstructs captured data?? For example
    >intercepted email with attachments or ftp data.
    >
    >I saw a flash demo some time ago at www.sainstitute.org about digital
    >surveillance techniques which they cover in DefensiveForensics and
    >DefensiveHacking. This demo has since been removed :-( any ideas anyone?
    >
    >Thx
    >Kerri

