Category "Network forensics" - Computer Forensic Blog

Netflows as a source of forensic information

In his presentation Yann Berthier introduces Netflows as an information source for network forensics.

By Andreas Schuster at 02/19/2006, 06:40 PM | Permalink

tcpxtract version 1.0

Tcpxtract is a carver for network traffic, which means it extracts files out of captured data. In order to determine start and end positions of a file it searches for certain byte sequences. This procedure was inspired by foremost, a carver for filesystem data.

(more...)

By Andreas Schuster at 10/13/2005, 05:35 PM | Permalink

Search

Deutsch

Deutschsprachige Ausgabe

Latest articles

Imprint

This blog is a project of
Andreas Schuster
Im Äuelchen 45
D-53177 Bonn
Germany
impressum@forensikblog.de

int for(ensic){blog;}

Notes on computer forensics - international edition.

Netflows as a source of forensic information

tcpxtract version 1.0

Search

Deutsch

Categories

Archives

Latest articles

Imprint

int for(ensic){blog;}

Notes on computer forensics - international edition.

Netflows as a source of forensic information

tcpxtract version 1.0

Search

Deutsch

Categories

Archives

Latest articles

Subscribe

Imprint