  1. #1
    Senior Member
    Join Date
    Aug 2003

    Packet Forensics

    I found these threads a couple days ago, and I thought they were very interesting.



    Since I didn't understand anything at all, and these threads fell into my area of interest, I did some hunting around and found these links...



    Does anybody have any other helpful links to help to learn to "decode" packet contents? These two are a good start, but Google isn't finding what I want.


  2. #2
    Ninja Code Monkey
    Join Date
    Nov 2001
    Washington State
    You want to look into intrusion detection. I'd recommend picking up Snort, WinDump/tcpdump, etc., and related tutorials and materials. I'd also recommend you go check out the http://www.sans.org reading room ... more specifically the intrusion detection materials. Finally, a good book on TCP/IP such as TCP/IP Illustrated would be a nice thing to pick up.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  3. #3
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Flint, MI
    Don't forget the Honeynet Project: http://www.honeynet.org/
    Not the best site, but it does have some good info.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman
