network forensics laura chappell sr. protocol/security analyst protocol analysis institute
Post on 20-Dec-2015
227 views
TRANSCRIPT
![Page 1: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute](https://reader035.vdocument.in/reader035/viewer/2022062221/56649d4c5503460f94a2aebe/html5/thumbnails/1.jpg)
Network ForensicsLaura Chappell
Sr. Protocol/Security Analyst
Protocol Analysis Institute
www.packet-level.com
![Page 2: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute](https://reader035.vdocument.in/reader035/viewer/2022062221/56649d4c5503460f94a2aebe/html5/thumbnails/2.jpg)
Contents
What is “network forensics”
Where to place the wiretap
Legal issues of wiretapping
Evidence examination
TCP connection overflow attack (justascan.dmp)
OS fingerprinting (osfingeprinting.dmp)
Malware infection (evilprogram.dmp)
Back-door IRS channel (clientdying.dmp)
Network flood attack (macof.dmp)
![Page 3: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute](https://reader035.vdocument.in/reader035/viewer/2022062221/56649d4c5503460f94a2aebe/html5/thumbnails/3.jpg)
I Could Show You Screenshots…
![Page 4: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute](https://reader035.vdocument.in/reader035/viewer/2022062221/56649d4c5503460f94a2aebe/html5/thumbnails/4.jpg)
Or We Could Work Live…
![Page 5: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute](https://reader035.vdocument.in/reader035/viewer/2022062221/56649d4c5503460f94a2aebe/html5/thumbnails/5.jpg)
Contact Details
Laura Chappell Protocol Analysis Institute, LLC 5339 Prospect Road, Suite 343 San Jose, CA 95129 Phone (408) 378-7841 Fax (408) 378-7891 Web: www.packet-level.com Email: [email protected]