Network Forensic Tools

Various tools are available in the literature for doing the network forensics. In this chapter, first the network forensic analysis tools such as NetDetector, NetIntercept, OmniPeek, PyFlag, and Xplico are discussed. Next the vulnerability assessment tools such as Metspoilt, Nessus, Nikto, Yersinla, Wikto, and Acunetix Web vulnerability scanner, with their merits and demerits, are discussed. The network sniffing and packet analyzing tools are required for capturing and analyzing the packets. Tools like Wireshark, Aircrack-ng, WebScarab, ngrep, NetworkMiner, Kismet, and eMailTrackerPro are discussed. Network scanning is done to know the active hosts in the network. In this chapter network scanning tools such as Nmap, angry IP scanner, and wireless and network watcher are discussed. Network monitoring tools are required for efficient monitoring of various activities of network. Networking monitoring tools such as IPTraf, VisualRoute, Ntop, and TCPStat are discussed. The intrusion detection system along with some tools is also discussed.