Any packet analysis tool for network forensics? E-Detective?

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.

lawrencewu
Newbie
 

Any packet analysis tool for network forensics? E-Detective?

Post Posted: Jul 08, 08 21:44

Hello Guys

Does anyone really use any network forensics tool for performing network evidence extraction? As I have some experience of using “E-Detective System” (http://www.edecision4u.com/) for analyzing network evidence, I would like to share such information with you guys.

E-Detective System can do decoding of many protocols, such as Email (POP3, SMTP, IMAP, Webmail), IM/Chat (Yahoo, MSN, ICQ, AOL, QQ, UT Chat Room, Skype VOIP Log), HTTP (Link, Content, Reconstruct, Upload/Download), FTP, P2P, Online Game, Telnet, etc. This is a Linux-based system, and pcap files can be imported for performing evidence extraction tasks. For other usage, such as network auditing, it can function as a real-time traffic sniffing and decoding tool. However, as for providing forensic functions, it supports a search function only. Other good stuff for forensic investigations, such as hash value technology, file signature detection and bookmark functions, are still not developed in E-Detective.

As far as I know from Asian news, E-Detective is still dedicated to adding more functions for network forensics usage. E-Detective is also looking for new investors for designing and developing a more comprehensive network forensic tool set. If anyone is interested in using such a tool, buying network forensics OEM service, or investing in its technology, you should visit their website.
 
  

lawrencewu
Newbie
 

Re: Any packet analysis tool for network forensics?E-Detecti

Post Posted: Jul 08, 08 21:51

Another website regarding this tool:
www.digi-forensics.com/home.html

Contact information for E-Detective:
chang_kan @ decision.com.tw  
 
  

ganron
Member
 

Re: Any packet analysis tool for network forensics?E-Detecti

Post Posted: Jul 09, 08 08:36

Check out this:

Netintercept
www.sandstorm.net/prod...intercept/

Netwitness
www.netwitness.com/

I have not personally used it. But I have worked with Omnipeek and Wireshark for monitoring purposes only.
 
