Network Forensic Tools

Fundamentals of Network Forensics

Part of the book series: Computer Communications and Networks (CCN)

Abstract

Various tools for network forensics are available in the literature. This chapter first discusses network forensic analysis tools such as NetDetector, NetIntercept, OmniPeek, PyFlag, and Xplico. Next, vulnerability assessment tools such as Metasploit, Nessus, Nikto, Yersinia, Wikto, and Acunetix Web Vulnerability Scanner are discussed, with their merits and demerits. Network sniffing and packet analysis tools are required for capturing and analyzing packets; tools such as Wireshark, Aircrack-ng, WebScarab, ngrep, NetworkMiner, Kismet, and eMailTrackerPro are discussed. Network scanning is done to identify the active hosts in a network, and the chapter discusses network scanning tools such as Nmap, Angry IP Scanner, and Wireless Network Watcher. Network monitoring tools are required for efficient monitoring of the various activities on a network; tools such as IPTraf, VisualRoute, Ntop, and TCPStat are discussed. Intrusion detection systems, along with some tools, are also discussed.

Copyright information

© 2016 Springer-Verlag London

About this chapter

Cite this chapter

Joshi, R.C., Pilli, E.S. (2016). Network Forensic Tools. In: Fundamentals of Network Forensics. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-7299-4_4

  • DOI: https://doi.org/10.1007/978-1-4471-7299-4_4

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-7297-0

  • Online ISBN: 978-1-4471-7299-4

  • eBook Packages: Computer Science, Computer Science (R0)
