Introducing Network Forensics with Wireshark
Join Eduardo Santos, Computer Network Analyst for a demonstration on how powerful the Wireshark tool is for analysis during forensic investigations and incident response. You will learn how protocol concepts in the TCP / IP stack can support an investigation. This talk will also cover setting filters, creating different profiles, analyzing patterns and checking statistical data. In addition Eduardo will discuss perceiving and analyzing recurring attacks on a computer network, such as DoS, malware traffic, HTTP malicious traffic, Command and Control artifacts. These are attributes that make Wireshark a powerful Open Source traffic analysis tool, which can support a forensic investigation and security incident response process.