Upload File

network forensics laura chappell sr. protocol/security analyst protocol analysis institute

  • Home
  • Documents
  • Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute
5
Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute www.packet-level.com

Post on 20-Dec-2015

229 views

Category:

Documents


3 download

Report

Tags:

TRANSCRIPT

Page 1: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute

Network ForensicsLaura Chappell

Sr. Protocol/Security Analyst

Protocol Analysis Institute

www.packet-level.com

Page 2: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute

Contents

What is “network forensics”

Where to place the wiretap

Legal issues of wiretapping

Evidence examination

TCP connection overflow attack (justascan.dmp)

OS fingerprinting (osfingeprinting.dmp)

Malware infection (evilprogram.dmp)

Back-door IRS channel (clientdying.dmp)

Network flood attack (macof.dmp)

Page 3: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute

I Could Show You Screenshots…

Page 4: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute

Or We Could Work Live…

Page 5: Network Forensics Laura Chappell Sr. Protocol/Security Analyst Protocol Analysis Institute

Contact Details

Laura Chappell Protocol Analysis Institute, LLC 5339 Prospect Road, Suite 343 San Jose, CA 95129 Phone (408) 378-7841 Fax (408) 378-7891 Web: www.packet-level.com Email: [email protected]

http://www.packet-level.com/
mailto:[email protected]

Comparing.NET and Java: The View From 2006 David Chappell Chappell & Associates Copyright © 2006 David Chappell

SCADA Network Forensics of the PCCC Protocol · SCADA Network Forensics of the PCCC Protocol Department of Computer Science ... •SCADA Supervisory Control and Data Acquisition •Are

Eliza Chappell Elementary School

Forensics & Anti- Forensics

Cloud Platforms Today: A Perspective - David Chappell · Cloud Platforms Today: A Perspective David Chappell Chappell & Associates April 18, 2009. Cloud Computing ... Enterprise Application

Moria Chappell Portfolio: Nevermore

Reading the Peritrope Chappell

Www.novell.com Hot Tools for Analyzing Networks Laura Chappell Sr. Protocol Analyst, Founder Protocol Analysis Institute [email protected]

David Chappell Chappell & Associates Workflow in Windows SharePoint: Technology for Web 2.0? Copyright © 2007 David Chappell

Family Handbook - Chappell Schools

David Chappell Chappell & Associates

Accurate Modeling of the Siemens S7 SCADA Protocol for ... · PDF fileACCURATE MODELING OF THE SIEMENS S7 SCADA PROTOCOL FOR INTRUSION DETECTION AND DIGITAL FORENSICS Amit Kleinmann

David Chappell, Chappell & Associates August 2005download.microsoft.com/.../biztalk2006/Understanding_BTS06.pdf · Understanding BizTalk Server 2006 David Chappell, ... orchestration,

THE CASE FOR TEACHING NETWORK PROTOCOLS TO COMPUTER FORENSICS … · 2018-09-24 · Keywords: Computer forensics education, network forensics, protocol analysis ABSTRACT Most computer

Chappell Wire Shark 101 Handouts

SOA, BPM, and Microsoft: A Pragmatic View David Chappell Chappell & Associates Copyright © 2006 David Chappell

Microsoft and BPM: A Perspective David Chappell Chappell & Associates Copyright © 2006 David Chappell

Chappell v. Ayala - sblog.s3.amazonaws.comsblog.s3.amazonaws.com/.../2014/06/Chappell-v.-Ayala-13-1428.pdf · No. In the Supreme Court of the United States KEVIN CHAPPELL, WARDEN,

Understanding SOA Chappell

Buffer Overflows with Content - Lamar Universitygalaxy.cs.lamar.edu/~bsun/forensics/slides/Exploits.pdf · 2007-08-28 · Detecting Buffer Overflows by Protocol Signatures • Protocol

Chappell Vocal Score

David Chappell Chappell & Associates ARC206

Mark Chappell Latest Cv

Chappell Universal Framing Squarechappellsquare.com/wordpress/wp-content/uploads/2013/05/Chappell... · curve without faltering, ... Chappell Universal Framing Square Description

Chappell - Analysis

COE589: Digital Forensics - ccse.kfupm.edu.saahmadsm/coe589-122/00_Overview_Logisti… · Digital Forensics computer forensics mobile forensics network forensics ... COE589 - Ahmad

Chappell Translation of Agamemnon

E sports-chappell-11vob

Chappell Hill

Memory Forensics - publish.illinois.edupublish.illinois.edu/.../files/2014/03/acc-forensics.pdfWhat is Computer Forensics? Mobile Device Forensics Network Forensics Memory & Data Forensics

Chappell Universal Framing Square · Chappell Universal Square 5 Contents Chappell Universal Square Overview 7 A) Expanded Hip & Valley Rafter Tables; B) Unequal Pitched Rafter Tables;

David Chappell Chappell & Associates ARC205

Chappell Universal Framing Square · Chappell Universal Square 7 Chappell Universal Square Overview The Chappell Universal Metric Framing Square incorporates a broad number of new

Selling BizTalk-Based Engagements David Chappell Chappell & Associates

Moria Chappell Background