Most of us who work in the security world have at one time or another looked at the raw output of a firewall, IDS, or other type of security device. What that output invariably leads one to is viewing packets directly for an investigation. Doing packet forensics can be a difficult and time consuming endeavour. Due to this fact, many of us prefer to use convenient tools such as Ethereal to help facilitate our analysis. There is a notable problem with this approach, however.
Expand all |
Post comment
Helped me get some things straight.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1845/6#6