Book Image

Learning Network Forensics

By : Samir Datt
Book Image

Learning Network Forensics

By: Samir Datt

Overview of this book

We live in a highly networked world. Every digital device—phone, tablet, or computer is connected to each other, in one way or another. In this new age of connected networks, there is network crime. Network forensics is the brave new frontier of digital investigation and information security professionals to extend their abilities to catch miscreants on the network. The book starts with an introduction to the world of network forensics and investigations. You will begin by getting an understanding of how to gather both physical and virtual evidence, intercepting and analyzing network data, wireless data packets, investigating intrusions, and so on. You will further explore the technology, tools, and investigating methods using malware forensics, network tunneling, and behaviors. By the end of the book, you will gain a complete understanding of how to successfully close a case.
Table of Contents (17 chapters)
Learning Network Forensics
About the Author
About the Reviewers

Understanding VPNs

Most organizations have private networks just dedicated to organizational use. The network could be a LAN, WAN, or MAN, depending upon the geographies involved and the requirements of the organization. Virtual private networks (VPNs), as the name suggests, are virtual networks that provide the private network experience for users over a public (unsecured) network—the Internet. To clarify, a VPN provides a secure tunnel to connect users outside the private network with their organizational network. VPNs use authentication and encryption for the data sent between the organization and the user outside the network boundaries:

VPNs can also be used to create secure connections between two geographically different offices, such as is in the case of branch offices and the head office. VPNs can play an altogether different role. Whenever a user wishes to access certain resources and does not wish the traffic to be intercepted or the IP address to be identified, the user may use...