Topic Since information extracted from router or switch interfaces.docx
Topic: Since information extracted from router or switch
interfaces does not provide specific evidence of a particular crime
in most cases, what use is the information collected from these
devices?
Read and respond to at least two other students' discussions. (5-6
lines would be more sufficient)
#1. Posted by Srikanth
Routers and switches give the availability, both inside the
demilitarized zone (DMZ) environment and to different areas
of the system to which the DMZ is connected. This makes
Routers and switches prime targets for hackers to exploit and
gather data about the system or just use as springboards on
other devices. This section presents data on the best way to
information and arrange some significant router and switch
security includes that enable run safely and ensure the devices
that they associate. Routers direct traffic all through the
undertaking system and are normally the first line of barrier
when the system is associating with the Internet. Hackers try to
infiltrate routers to gather data or use them as launching pads
for further attacks. This is the reason it is critical to secure
switches' management interfaces and services to make them
trouble for an interloper to hack. Similarly as with routers,
switches have an expanding job in system security. The switch
gives numerous highlights, including port security. VLANs and
PVLANs give the tools to keep the devices on the DMZ secure.
It is additionally imperative to secure the switch's management
interfaces and services with the goal that hackers can't break
into the switch to change VLAN designs, change port settings,
or utilize the switch to connect with different parts of the
network.
Network forensics is the capture, recording and analysis of network
packets in order to determine the source of network security
attacks. The major goal of network forensics is to collect
evidence. It tries to analyze network traffic data, which is
collected from different sites and different network equipment,
such as firewalls and IDS. In addition, it monitors the
network to detect attacks and analyze the nature of attackers.
Network forensics is also the process of detecting intrusion
patterns, focusing on attacker activity.
Computer documents, emails, text and instant messages,
transactions, images and Internet histories are examples of
information that can be gathered from electronic devices and
used very effectively as evidence. For example, mobile devices
use online-based backup systems, also known as the
“cloud”, that provide forensic investigators with access to text
messages and pictures taken from a particular phone. These
systems keep an average of 1,000–1,500 or more of the last text
messages sent to and received from that phone. In addition,
many mobile devices store information about the locations
where the device traveled and when it was there. To gain this
knowledge, investigators can access an average of the last 200
cell locations accessed by a mobile device. Satellite navigation
systems and satellite radios in cars can provide similar
information. Even photos posted to social media such as
Facebook may contain location information. Photos taken with a
Global Positioning System (GPS)-enabled device contain file
data that shows when and exactly where a photo was taken. By
gaining a subpoena for a particular mobile device account,
investigators can collect a great deal of history related to a
device and the person using it.
#2. Posted by Naresh
Digital forensics is a special branch of forensic science and
plays a vital role in lowering cyber-crimes, including
the identification, recovery, investigation, validation, and
presentation of facts regarding digital evidence found on
computers, network devices and storage media devices which
deal with digital data. In solving cyber-crimes, evidence
collected from network devices like routers and switches is used
as a second source of event corroboration which is extremely
useful in determining the root cause of an incident. The ability
to attain network-based evidence is mainly dependent on the
preparations that are undertaken by the business organization prior to
an incident. Without some critical components of a proper
infrastructure security program, key pieces of evidence will not
be available for incident responders in a timely manner and the
critical components for this preparation includes appropriate
network documentation, up to date configurations of network
devices and a central syslog server deployment and
maintenance.
Coming to the network device as evidence in an investigation, we need
to mention what kind of evidence can be extracted from
these devices. A range of companies provide these
network devices, and in the evidence collecting process the
specialist should become familiar with how to access these
devices and obtain the necessary evidence. Switches are the backbone
of the local area networks, where they handle the traffic for
individual segments. Switches have two key points of evidence,
first is the Content Addressable Memory (CAM) table. This
CAM table maps the physical ports on the switch to
the Network Interface Card (NIC) on each device connected to
the switch. This can aid in the identification of possible rogue
devices. The second way switches can aid in an incident
investigation is through facilitating network traffic capture.
The second type of network device is the router. It allows
organizations to connect multiple LANs into either Metropolitan
Area Networks or Wide Area Networks and handles an
extensive amount of traffic. The key piece of evidentiary
information that routers contain is the routing table. This table
holds the information for specific physical ports that map to the
networks.
To identify potential sources of evidence, incident responders
need to have a solid understanding of evidence from a wide
range of sources. Different types of logs are the key thing
when it comes to evidence collection, including logging as close
to the event, document failures, logs from compromised
systems. Data collected by Discovery on network routers and
switches identified by table field corresponding source or
destination, for example “IP address cmdb_ci_network_adapter
source from SNMP, IP MIB”. In router forensics some CLI
commands, “Show access list, Show clock, Show ip route and
Show startup”, produce the relative evidence that can be used as
secondary evidence in most of the cyber-crime investigations.
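
The CAM-table check mentioned in post #2, shown as an added example that is not part of either student's post: it parses switch MAC address table output and compares it with a documented asset inventory to flag unknown devices, devices on an unexpected port, and ports carrying more than one MAC. The table text (modeled on Cisco IOS-style output), the inventory and the function names are constructed for illustration.

```python
import re

# Constructed sample modeled on IOS-style "show mac address-table" output.
SAMPLE_CAM = """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4455    DYNAMIC     Gi0/1
  10    0011.2233.4466    DYNAMIC     Gi0/2
  20    00aa.bbcc.dd01    DYNAMIC     Gi0/3
  20    00aa.bbcc.dd02    DYNAMIC     Gi0/3
  10    0011.2233.4477    STATIC      Gi0/4
"""

# Constructed inventory: MAC address -> port the device is documented on.
INVENTORY = {
    "0011.2233.4455": "Gi0/1",
    "0011.2233.4466": "Gi0/5",  # documented on a different port
    "00aa.bbcc.dd01": "Gi0/3",
    "0011.2233.4477": "Gi0/4",
}

ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$",
    re.I,
)

def parse_cam(text):
    """Return (vlan, mac, type, port) tuples; header and rule lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            vlan, mac, kind, port = m.groups()
            rows.append((int(vlan), mac.lower(), kind.upper(), port))
    return rows

def review(rows, inventory):
    """Compare CAM entries with the inventory and return the findings."""
    unknown, moved, by_port = [], [], {}
    for vlan, mac, _kind, port in rows:
        by_port.setdefault(port, []).append(mac)
        if mac not in inventory:
            unknown.append((mac, port, vlan))             # possible rogue device
        elif inventory[mac] != port:
            moved.append((mac, inventory[mac], port))     # documented vs. observed port
    shared = {p: macs for p, macs in by_port.items() if len(macs) > 1}
    return {"unknown": unknown, "moved": moved, "shared_ports": shared}

if __name__ == "__main__":
    print(review(parse_cam(SAMPLE_CAM), INVENTORY))
```

A port with several MACs is not suspicious by itself (an uplink or an IP phone with a PC behind it looks the same), so each finding is a lead to corroborate against logs and network documentation rather than proof.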