Investigate attacks against your network with these open-source forensic tools

Even if you do everything right to secure your network, including implement security measures properly and maintain them vigilantly, no network is 100% secure. So, what do you do if, in spite of all your preparations, your network or systems get compromised? You need to pick up the pieces, figure out how your attackers got in, patch up the holes in your network security, and if necessary, track down the perpetrators and take further action.

Master the open-source forensic tools that can help you in this endeavor in this chapter download from Open Source Security Tools: The Practical Guide to Security Applications. These tools should give you enough to get started with basic forensic activity on just about any system. Chapter coverage includes:

• Uses for forensic tools
• Incident response concepts
• Preparing for forensic investigation
• Tenets of good forensic investigation
• Using Fport, Isof, DD, UNIX and Windows log files, Sleuth Kit, Autopsy Forensic Browser, and The Forensic Toolkit

Title: Open Source Security Tools: The Practical Guide to Security Applications
Author: Tony Howlett
Publisher: Prentice Hall
Chapter 11: Forensic Tools
ISBN: 0-321-19443-8; Copyright 2005 Prentice Hall. All rights reserved.
Used with permission from the publisher. Available from booksellers or direct from Prentice Hall