International Journal of Computer and Information Technology (IJCIT)
In this paper, the authors give an overview about the main tools and techniques available to ensure forensic investigations of network security attacks. Given that web and email services are the most common used network communication schemes, they mainly focus on the forensic investigation of email and web services attacks. Moreover, they present a set of forensics tools used for network traffic capture such as Snort, Pcap, TcpDump, and Ethereal. Besides, they present the major existing IP traceback schemes that have been designed to trace back to the origin of IP packets through the Internet.