Abstract
Various tools are available in the literature for performing network forensics. This chapter first discusses network forensic analysis tools such as NetDetector, NetIntercept, OmniPeek, PyFlag, and Xplico. Next, vulnerability assessment tools such as Metasploit, Nessus, Nikto, Yersinia, Wikto, and Acunetix Web Vulnerability Scanner are discussed, with their merits and demerits. Network sniffing and packet analyzing tools are required for capturing and analyzing packets; tools like Wireshark, Aircrack-ng, WebScarab, ngrep, NetworkMiner, Kismet, and eMailTrackerPro are discussed. Network scanning is done to identify the active hosts in the network; network scanning tools such as Nmap, Angry IP Scanner, and Wireless Network Watcher are discussed. Network monitoring tools are required for efficient monitoring of the various activities of a network; monitoring tools such as IPTraf, VisualRoute, Ntop, and TCPStat are discussed. Intrusion detection systems, along with some tools, are also discussed.
Copyright information
© 2016 Springer-Verlag London
About this chapter
Cite this chapter
Joshi, R.C., Pilli, E.S. (2016). Network Forensic Tools. In: Fundamentals of Network Forensics. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-7299-4_4
DOI: https://doi.org/10.1007/978-1-4471-7299-4_4
Publisher Name: Springer, London
Print ISBN: 978-1-4471-7297-0
Online ISBN: 978-1-4471-7299-4
eBook Packages: Computer Science (R0)