Network Forensics: Laura Chappell, Sr. Protocol/Security Analyst, Protocol Analysis Institute
Post on 20-Dec-2015
Network Forensics
Laura Chappell
Sr. Protocol/Security Analyst
Protocol Analysis Institute
www.packet-level.com
Contents
What is “network forensics”
Where to place the wiretap
Legal issues of wiretapping
Evidence examination
TCP connection overflow attack (justascan.dmp)
OS fingerprinting (osfingeprinting.dmp)
Malware infection (evilprogram.dmp)
Back-door IRC channel (clientdying.dmp)
Network flood attack (macof.dmp)
I Could Show You Screenshots…
Or We Could Work Live…
Contact Details
Laura Chappell
Protocol Analysis Institute, LLC
5339 Prospect Road, Suite 343
San Jose, CA 95129
Phone: (408) 378-7841
Fax: (408) 378-7891
Web: www.packet-level.com
Email: [email protected]