Packet Forensics

Thread: Packet Forensics

  1. #1
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,019

    Packet Forensics

    I found these threads a couple days ago, and I thought they were very interesting.

    http://www.antionline.com/showthread...hreadid=239003

    http://www.antionline.com/showthread...hreadid=238314

    Since I didn't understand anything at all, and these threads fell into my area of interest, I did some hunting around and found these links...

    http://www.networkuptime.com/tutoria...tcp/index.html

    http://www.networkuptime.com/tutorials/arp/index.html

    Does anybody have any other helpful links to help to learn to "decode" packet contents? These two are a good start, but Google isn't finding what I want.

    Thanks

  2. #2
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    You want to look into intrusion detection. I'd recommend picking up Snort, WinDump/tcpdump, etc., and related tutorials and materials. I'd also recommend you go check out the http://www.sans.org reading room ... more specifically the intrusion detection materials. Finally, a good book on TCP/IP such as TCP/IP Illustrated would be a nice thing to pick up.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  3. #3
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Don't forget the Honeynet Project: http://www.honeynet.org/
    Not the best site, but it does have some good info.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman
