‹‹ 上一主题 | 下一主题 ››
发新话题
打印

[转载]An Overview of Available Tools for Forensic Investigators

EvilOctal

团队执行官

Rank: 8Rank: 8

E.S.T社区执行帐号

帖子
9869 
精华
771 
积分
40986 
阅读权限
200 
性别
男 
在线时间
3986 小时 
注册时间
2004-7-4 
最后登录
2008-12-3 
楼主 发表于 2006-10-7 20:58  只看该作者

[转载]An Overview of Available Tools for Forensic Investigators

原始连接:http://www.forensicswiki.org/wiki/Tools

Network Forensics Tools
chkrootkit
...
cryptcat
...
netcat
...
netflow/flowtools
http://www.cisco.com/warp/public/732/Tech/nmp/netflow/index.shtml
http://www.splintered.net/sw/flow-tools/
NetIntercept
http://www.sandstorm.net/products/netintercept
NetIntercept captures whole packets and reassembles up to 999,999 TCP connections at once, reconstructing files that were sent over your network and creating a database of its findings. It recognizes over 100 types of network protocols and file types, including web traffic, multimedia, email, and IM.
rkhunter
...
Sguil
http://sguil.sourceforge.net/
Snort
http://www.snort.org/
Tcpdump
http://www.tcpdump.org
tcpextract
http://tcpxtract.sourceforge.net/
tcpflow
http://www.circlemud.org/~jelson/software/tcpflow/
truewitness
http://www.nature-soft.com/forensic.html
Linux/open-source. Based in India.

etherpeek
http://www.wildpackets.com/products/etherpeek/overview
曾几何时,有人对我说:装B遭雷劈。我说:去你妈的。于是,这个人又对我说:如果再说脏话,上帝会惩罚你的。我说:我操上帝。结论:彪悍的人生不需要上帝。

TOP

‹‹ 上一主题 | 下一主题 ››
发新话题