Most of us who work in the security world have at one time or another looked at the raw output of a firewall, IDS, or other type of security device. That output invariably leads to viewing packets directly as part of an investigation. Doing packet forensics can be a difficult and time-consuming endeavour. Because of this, many of us prefer to use convenient tools such as Ethereal to help facilitate our analysis. There is a notable problem with this approach, however.

Aju Thomas
This was an amazing piece of information for anybody who wants to know what exactly is happening with TCP packets. Really helpful.
A must-read topic for any CISSP learners!
Thanks
Aju Thomas
Network Analyst
Siemens, India