Description: Network forensics is the field concerned with the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.
In this field, network investigations deal with volatile and dynamic information.
Network forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form of network forensics relates to law enforcement. In this case, analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords, and parsing human communication such as emails or chat sessions.
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Got a very good idea of the basics of network forensics.
Thanks
Which tool is one of the best for network capturing and analysis?