Question
For this discussion, find a recent (less than one month old) online journal or news article about a network or crime where a packet capture could have been used as evidence. Give the title of the article, the URL for where you found the article, and a brief summary of what the article was about. Then answer the following questions. Write one double-space page.
• What is the network where the packet capture would have had to take place?
• Describe the evidence that could be found in the packet capture?
• Are there any legal or private issues that could arise from capturing these packets?
Explanation / Answer
Packet capture is a networking term for intercepting an information packet that's crossing or moving over a particular computer network.
Once a packet is captured, it is stored quickly so it can be analyzed. The packet is inspected to help diagnose and solve network issues and confirm whether or not network security policies are being followed.
Hackers can also use packet capturing techniques to steal data that's being transmitted over a network.
Network managers analyze and manage overall network traffic and performance. To examine and capture real-time running packets over a network, different packet capturing techniques are used.
One type of packet capturing is filtering, in which filters are applied over network nodes or devices where data is captured. Conditional statements determine which data is captured. For example, a filter might capture data returning from fundamental principle route and having W.X.Y.Z IP address.
Instead of filtering a particular portion of a packet, complete packets can also be captured. The full packet includes two things: a payload and a header. The payload is the actual contents of the packet, while the header contains further info, including the packet's source and destination address. The different applications and uses of data capturing include the following:
• Security: Data capturing is used to spot security flaws and breaches by determining the point of intrusion.
• Identification of Data Leakage: Content analysis and monitoring help to determine the leak point and its sources.
• Troubleshooting: Managed through data capturing, troubleshooting detects the occurrence of unsought events over a network and helps solve them. If the network administrator has full access to a network resource, he can access it remotely and troubleshoot any problems.
• Identifying Data/Packet Loss: When data is taken, the network administrator can retrieve the taken or lost info simply using data capturing techniques.
• Forensics: Whenever viruses, worms or other intrusions are detected in computers, the network administrator determines the extent of the problem. After initial analysis, she may block some segments and network traffic in order to save historical info and network data.
In the news recently, Janet Napolitano had packet-sniffing software put in at the UC Berkeley campus to monitor all its traffic. This brings up the age-old question: is such packet-sniffing legal, or a violation of wiretap laws?
Setting aside the legality question for the moment, I should first point out that it is utterly traditional. Almost all organizations use "packet-sniffers" to assist in managing their network. Almost all organizations have "intrusion detection systems" that monitor network traffic probing for hacker attacks. Learning how to use packet-sniffers like "Wireshark" is an element of each network engineer's coaching.
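The filtering and the header/payload split described in the answer above, shown as an added example that is not part of the original answer. The function names, the sample addresses (documentation ranges) and the packet contents are constructed for illustration, and the IP payload stands in for the application data, with no transport header.

```python
import socket
import struct

IPV4_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header layout

def build_ipv4(src, dst, payload, proto=6):
    """Constructed sample packet: minimal IPv4 header (checksum left 0) + payload."""
    header = struct.pack(IPV4_FMT, 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

def parse_ipv4(packet):
    """Split a raw IPv4 packet into (header fields, payload bytes)."""
    if len(packet) < 20:
        raise ValueError("truncated header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        IPV4_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4          # header length in bytes, options included
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(packet):
        raise ValueError("malformed IPv4 packet")
    header = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
              "proto": proto, "ttl": ttl, "length": total_len}
    return header, packet[ihl:total_len]

def capture(packets, src_ip=None, headers_only=False):
    """Apply a conditional filter; keep full packets or only their headers."""
    kept, skipped = [], 0
    for raw in packets:
        try:
            header, payload = parse_ipv4(raw)
        except ValueError:
            skipped += 1                 # malformed packets are counted, not parsed
            continue
        if src_ip is not None and header["src"] != src_ip:
            continue                     # condition not met: packet is not captured
        kept.append(header if headers_only else (header, payload))
    return kept, skipped

# Constructed traffic using documentation address ranges (RFC 5737).
SAMPLE = [
    build_ipv4("192.0.2.10", "198.51.100.5", b"GET /report HTTP/1.1\r\n"),
    build_ipv4("192.0.2.99", "198.51.100.5", b"unrelated traffic"),
    build_ipv4("192.0.2.10", "198.51.100.7", b"USER alice\r\n"),
    b"\x45\x00\x00",                     # truncated packet
]

if __name__ == "__main__":
    for header, payload in capture(SAMPLE, src_ip="192.0.2.10")[0]:
        print(header["src"], "->", header["dst"], payload)
```

Capturing with `headers_only=True` records who talked to whom without retaining content, which is the distinction the question's legal and privacy item turns on.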