- 29 Şub 2020
- 538
- 575
Today, we will briefly touch on the subject of "Forensic Computing Approach to Package Traffic".
As a result of attacks on today's systems, the development and spread of the tools used is increasing rapidly. Because of this, the importance of information security is increasing in all sectors. Many institutions today have taken into account this important factor of information security and resorted to many different protection methods in order to take precautions.
Firewalls, encryption tools, penetration detection systems, anti-virus software and similar tools such as port scanners are aimed at ensuring information security. The only method of detecting what is happening on the network system is to measure the data moving on the network and the component contents in critical sections and compare the measurements of the detections with the previous data.
Network Traffic
There are different kinds of information that can be collected over network protocols such as HTTPS - HTTP - SSH - POP - SMTP and Telnet. It is very important for system users responsible for network flow such as network traffic and e-mail data. The difference in the content collected through the network can create a very negative sensitivity for the people who examine it during the analysis.
Examples of these scenarios are proxy servers, TCP routing, web and e-mail names, packet routing, IP address and e-mail hijacking, DNS spoofing and session blocking.
Network Traffic Control
With the examination you will make on the systems, it is possible to access the running applications, users and services and the user's hardware information, operating system, web browser and software.
The data that can be accessed as a result of the examination on the network data are as follows;
network infrastructure
Network topology
Access to resources on the network
Access to other devices on the network
Network topology
Access to resources on the network
Access to other devices on the network
Have a nice day