Penetration Testing mailing list archives

Re: digital surveillance techniques for forensics/penetration


From: Eoghan Casey <eco () corpus-delicti com>
Date: Fri, 23 Jan 2004 09:12:44 -0500

Kerri,

On the open source side, you can use Tcpflow (http://www.circlemud.org/~jelson/software/tcpflow/) or Ethereal (www.ethereal.com). Two solid commercial tools are NetDetector (www.niksun.com) and NetIntercept (www.sandstorm.net).

I wrote a paper comparing several open source and commercial tools for this purpose - it will be published next month in the first issue of Digital Investigation. You can request a free copy of the first issue at http://www.compseconline.com/digitalinvestigation/.

Eoghan Casey

Kerri Sharp wrote:

Hi List

Anyone know of the tool which reconstructs captured data?? For example
intercepted email with attachments or ftp data.

I saw a flash demo some time ago at www.sainstitute.org about digital
surveillance techniques which they cover in DefensiveForensics and
DefensiveHacking. This demo has since been removed :-( any ideas anyone?

Thx
Kerri


