Reporting to management / evidence reconstruction and hypothesis

In this article I am covering the main points proved in the previous article, Network Forensics – Traffic Analysis (2). In order to report to management, we will need to create a timeline that can be checked and that is supported by the evidence extracted from the pcap file. I am starting with a timeline…

Network Forensics – Traffic Analysis (1)

After some time researching, I found some interesting network forensic challenges that I would like to discuss with you. The main purpose is to bring back and update my network analysis skills. There are different ways to reach the solution; however, as my background is Incident Response, I always try to get results fast and…