
An Introduction To Network Forensics

Have you ever heard of network forensics? Not everyone has, but the concept is important. It means capturing, recording, and analyzing events on a network in order to determine how and why security attacks and other problems occurred. Forensics typically refers to crime investigation, but the term has been borrowed and applied to investigating the security of networks.

There are a couple of different types of network forensic systems for network monitoring. The first type captures and stores all information that passes through a certain point. This method requires a lot of storage space, and a RAID system is typically needed. The second type saves only certain information from each packet in memory in case it is needed for analysis in the future. A fast processor is typically needed, although lots of storage is not as important. Both methods require storing a lot of information and periodically erasing the old to make room for the new. Some open source programs may be used for this, as well as others.
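The two designs described above, sketched as an added example that is not part of the original article: `record` feeds the same constructed frames to a full-capture store and to a recorder that keeps only selected header fields, and each erases its oldest data when full. The function names, size limits, addresses and ports are assumptions made for the illustration.

```python
import socket
import struct
from collections import deque, namedtuple

Meta = namedtuple("Meta", "ts src dst proto sport dport length")

def build_frame(src, dst, proto, sport, dport, payload):
    """Build a constructed Ethernet/IPv4 frame carrying TCP (6) or UDP (17)."""
    if proto == 6:
        l4 = struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | 0x18, 8192, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                     64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + l4 + payload

def extract_meta(ts, frame):
    """Keep only selected header fields; None for non-IPv4 or truncated frames."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    proto, l4 = frame[23], 14 + (frame[14] & 0x0F) * 4  # IHL gives IPv4 header length
    sport = dport = 0
    if proto in (6, 17) and len(frame) >= l4 + 4:
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    return Meta(ts, socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
                proto, sport, dport, len(frame))

def record(frames, max_bytes, max_records):
    """Feed (ts, frame) pairs to both designs; each erases its oldest data when full."""
    full, used = deque(), 0            # approach 1: every byte, bounded by a storage budget
    meta = deque(maxlen=max_records)   # approach 2: selected fields, bounded in memory
    for ts, frame in frames:
        full.append((ts, frame))
        used += len(frame)
        while used > max_bytes:        # make room by dropping the oldest frames
            used -= len(full.popleft()[1])
        m = extract_meta(ts, frame)
        if m is not None:
            meta.append(m)
    return full, meta

def sample_frames():
    """Constructed traffic; addresses and ports are made up for the example."""
    frames = [(i, build_frame("10.0.0.5", "192.0.2.10", 6, 40000 + i, 443, b"x" * 1000))
              for i in range(5)]
    return frames + [(5, build_frame("10.0.0.5", "192.0.2.53", 17, 5353, 53, b"q" * 30))]

if __name__ == "__main__":
    print(*record(sample_frames(), max_bytes=3000, max_records=4)[1], sep="\n")
```

With a 3000-byte budget the full-capture store retains only the last three frames, payloads included, while the metadata recorder retains four records that carry no payload at all.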

When it comes to network forensics, it is important to have a basic understanding of lawful intercept, which concerns what information may be intercepted legally. CALEA has set forth some basic requirements in this respect to make it easy to understand what is acceptable and what is not.

The first approach to monitoring a network for potential security attacks has a potential problem in that it captures all data that passes through. Privacy is at risk with this method, and Internet Service Providers are not allowed to disclose any information that is intercepted from users unless express permission is given by the user or under a court order. One network forensics tool, called Carnivore, is used by the FBI. This tool is very controversial because it captures information that may otherwise be private.

There really is a fine line when it comes to network forensics, because ISPs and the like are intent on maintaining a secure Internet while hackers and other criminals are intent on exploiting every weakness in operating systems and the Internet in general. Network forensics is therefore very important, but some of its methods potentially violate user privacy, and this is a problem. Nevertheless, network forensics is evolving slowly but surely and will certainly have a better way to capture information in the future without compromising privacy.

By: Caitlina Fuller

Article Directory: http://www.articledashboard.com

Caitlina Fuller is a freelance writer.

© 2005-2011 Article Dashboard