Daily Archives: Thursday, April 3, 2014

Wireshark, Tools and forensic

  Intro   Making a forensic analysis means to be able to collect and analyze data in order to find out evidence that could led you to a specific break.   Although is usually considered a post-mortem activity in the IT realm this aspect is less marked than in other forensic environment. If we are running an investigation on a homicide, as an example, we will be present when everything is already done, and we just have to collect cold evidence. On the other end when we are running a forensic IT investigation we cannot be sure that the event…

Posts navigation