Any packet analysis tool for network forensics? E-Detective?

(@lawrencewu)
Posts: 3
New Member
Topic starter
 

Hello Guys

Does anyone really use any network forensics tool for performing network evidence extraction? As I have some experience using "E-Detective System" (http://www.edecision4u.com/) for analyzing network evidence, I would like to share this information with you guys.

E-Detective System can decode many protocols, such as Email (POP3, SMTP, IMAP, Webmail), IM/Chat (Yahoo, MSN, ICQ, AOL, QQ, UT Chat Room, Skype VOIP Log), HTTP (Link, Content, Reconstruct, Upload/Download), FTP, P2P, Online Game, Telnet, etc. This is a Linux-based system, and pcap files can be imported for performing evidence extraction tasks. For other usage, such as network auditing, it can function as a real-time traffic sniffer and decoder. However, as for providing forensic functions, it supports a search function only. Other good stuff for forensic investigations, such as hash value technology, file signature detection and bookmark functions, is still not developed in E-Detective.

As far as I know from Asian news, E-Detective is still dedicated to adding more functions for network forensics usage. E-Detective is also looking for new investors for designing and developing a more comprehensive network forensic tool set. If anyone is interested in using such a tool, buying network forensics OEM service, or investing in its technology, you should visit their website.

 
Posted : 08/07/2008 9:44 pm
(@lawrencewu)
Posts: 3
New Member
Topic starter
 

Another website regarding this tool:
http://www.digi-forensics.com/home.html

Contact information for E-Detective:
chang_kan@decision.com.tw

 
Posted : 08/07/2008 9:51 pm
(@ganron)
Posts: 16
Active Member
 

Check out these:

Netintercept
http://www.sandstorm.net/products/netintercept/

Netwitness
http://www.netwitness.com/

I have personally not used it, but I have worked with Omnipeek and Wireshark for monitoring purposes only.

 
Posted : 09/07/2008 8:36 am