Packet Forensics

  1. #1
    Senior Member
    Join Date
    Aug 2003

    Packet Forensics

    I found these threads a couple days ago, and I thought they were very interesting.

    Since I didn't understand anything at all, and these threads fell into my area of interest, I did some hunting around and found these links...

    Does anybody have any other helpful links to help to learn to "decode" packet contents? These two are a good start, but Google isn't finding what I want.


  2. #2
    Ninja Code Monkey
    Join Date
    Nov 2001
    Washington State
    You want to look into intrusion detection. I'd recommend picking up Snort, WinDump/tcpdump, etc., and related tutorials and materials. I'd also recommend you go check out the reading room ... more specifically the intrusion detection materials. Finally, a good book on TCP/IP such as TCP/IP Illustrated would be a nice thing to pick up.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  3. #3
    AntiOnline Senior Member souleman
    Join Date
    Oct 2001
    Flint, MI
    Don't forget the Honeynet Project.
    Not the best site, but it does have some good info.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman
