From Alternate Data Storage Forensics

by Michael Gregg


This chapter examines router and network forensics. This chapter is important as many attacks will require the analyst to look for information in the router or require network forensics. This requires you to have an understanding of routers and their architecture. It is important to understand where they reside within the OSI model and what role they play within network communications.

Anytime you work with forensic evidence it is critical that the concept of chain of custody be understood. How evidence is handled, stored, accessed, and transported is critical, because if basic control measures are not observed the evidence may be ruled inadmissible in court.

Network Forensics

Network forensics can best be defined as the sniffing, recording, and analysis of network traffic and events. Network forensics are performed in order to discover the source of security incidents and attacks or other potential problems. One key role of the forensic expert is to differentiate repetitive problems from malicious attacks.

The Hacking Process

The hacking process follows a fixed methodology. The steps a hacker follows can be broadly divided into six phases:

  1. Reconnaissance

  2. Scanning and enumeration

  3. Gaining access

  4. Escalation of privilege

  5. Maintaining access

  6. Covering tracks and placing backdoors

The Intrusion Process

Reconnaissance is considered the first preattack phase. The hacker seeks to find out as much information as possible about the victim. The second preattack phase is scanning and enumeration. At this step in the methodology, the hacker is moving from passive...

Products & Services
Architecture and Architectural Services
Architecture and architectural services design buildings and structures for commercial and industrial applications.
Civil Engineering and Architectural Software
Civil engineering and architectural software is the set of tools used to design, simulate and analyze civil engineering structures such as bridges, roads and buildings.
Cupolas are decorative and functional structures for a dome or roof. They are used for ventilation and architectural purposes.
Architectural Painting and Finishing Services
Architectural painting and finishing services coat, finish and paint interior and exterior surfaces and components in buildings and plants.
Statistical Analysis Software
Statistical analysis software analyzes data to make predictions using statistical methods. It can be used to solve manufacturing problems, develop efficient industrial processes, or to make breakthrough discoveries.

Topics of Interest

by Kevin O Shea and Thomas Ralph Introduction WiFi an acronym for wireless fidelity (wireless) encompasses a number of standards that enable computers and other devices to connect wirelessly to...

Our readers have a lot of opinions about models, the mathematical kind at least. The pitfall of believing them without examining them is hot topic. Blame the modeler, not the model In your editorial...

The next chapter discusses bloopers in the graphic design and layout of websites how they are presented. Before we get to those, let's examine a specific type of graphic design bloopers: those...

INTRODUCTION The extent to which you understand and can control wall cleanup is a direct determinant of your success or failure in using Architectural Desktop A strong statement to be sure, but a...

The fundamental change required here is one of mindsets. IT people s mindsets change from seeing their raison d tre as moving from I m in IT , to I m in business. I bring a particular perspective to...