Sunday, October 6, 2019

Digital Forensic Tools Essay Example | Topics and Well Written Essays - 1000 words

Likewise, anomalous space extraction will enhance the capabilities of network administrators for PCA-based methods. Moreover, network-wide correlation analysis of amplitude and frequency, which is also a subset of this methodology, will determine the overall transmission of data packets originating from these distributed networks. After identifying the root cause or source of the worm, the next step is to identify the infected nodes as well.

The network administrator will use a specialized tool capable of all the mentioned technological methods, as manual work consumes a lot of time and in some cases makes it impossible to detect unknown patterns located deep down in the network layers. The name of the tool is ‘Wireshark’, as it has advanced facilities and features that analyze network traffic packet by packet and provide in-depth analysis (Scalisi 2010). Using ‘Wireshark’, the first step a network administrator will take is to identify the traffic type or port types that will be the focus area. Likewise, the second step is to capture data packets on all ports that are available on the network (Scalisi 2010). However, the Network Forensic Analysis Tool (NFAT) provides playback actions for investigating an electronic crime or hacking activity. NFAT targets users, hosts and protocols, along with content analysis as well. In spite of all these features, NFAT does not support overall detection of live network traffic. Consequently, ‘Wireshark’ will differentiate unknown network patterns by analyzing each port so that statistics related to each data packet can be identified.

The third task will be to trace the source from which the attack was initiated. Likewise, network administrators have to focus on two areas, i.e. record routes and time stamps. Moreover, these two fields are also considered by network administrators to address routing issues that may occur.
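
Assuming the record route and time stamp fields above refer to the IPv4 header options of those names (RFC 791), the following Python parser shows how an investigator can decode them from a captured header to list the hops a packet recorded. It is an added example, not part of the original essay; the function name and the sample header are constructed for illustration.

```python
import ipaddress
import struct

RECORD_ROUTE, TIMESTAMP = 7, 68          # IPv4 option types (RFC 791)

def parse_ipv4_options(header: bytes) -> dict:
    """Extract filled Record Route and Timestamp entries from an IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (header[0] & 0x0F) * 4         # header length in bytes
    if ihl < 20 or ihl > len(header):
        raise ValueError("bad header length")
    opts, i = header[20:ihl], 0
    result = {"route": [], "timestamps": []}
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                    # End of Option List
            break
        if kind == 1:                    # No-Operation (padding)
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option")
        body = opts[i:i + opts[i + 1]]
        i += len(body)
        if len(body) < 4:
            continue
        end = min(body[2] - 1, len(body))  # 1-based pointer: bytes before it are filled
        if kind == RECORD_ROUTE:
            for off in range(3, end - 3, 4):
                result["route"].append(str(ipaddress.IPv4Address(body[off:off + 4])))
        elif kind == TIMESTAMP:
            step = 4 if body[3] & 0x0F == 0 else 8   # flag 0: timestamps only
            for off in range(4, end - step + 1, step):
                addr = str(ipaddress.IPv4Address(body[off:off + 4])) if step == 8 else None
                ms = struct.unpack("!I", body[off + step - 4:off + step])[0]
                result["timestamps"].append((addr, ms))  # ms since midnight UT
    return result

# Constructed sample header (checksum left as zero, not verified here).
HOP1 = ipaddress.IPv4Address("192.0.2.1").packed
HOP2 = ipaddress.IPv4Address("198.51.100.1").packed
SAMPLE = (
    bytes([0x4E, 0, 0, 56, 0, 0, 0, 0, 64, 1, 0, 0])       # IHL = 14 words
    + ipaddress.IPv4Address("203.0.113.5").packed            # source
    + ipaddress.IPv4Address("203.0.113.9").packed            # destination
    + bytes([7, 15, 12]) + HOP1 + HOP2 + bytes(4)            # Record Route, 2 of 3 slots used
    + bytes([1])                                             # NOP
    + bytes([68, 20, 13, 0x01]) + HOP1 + struct.pack("!I", 43200000) + bytes(8)
)

if __name__ == "__main__":
    print(parse_ipv4_options(SAMPLE))
```

Both options are filled in by routers along the path and can be absent or stripped, so an empty result does not mean the packet took no intermediate hops.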
