Network traffic analysis for incident response

A typical corporate network makes use of a number of networking devices and mechanisms for preventing various attacks and maintaining the security of their...

Understanding network behavior is a prerequisite for developing effective incident detection and response capabilities. ESG research has found that 87 percent...

In this article, we’ll discuss some of the basic protocols that are commonly used in computer networking. A good understanding of computer networking is...

Computer networking is one of the most important skills that incident responders are required to have. Analyzing network traffic as an incident responder is...

A Remote Access Trojan (RAT) is part of the malware family. It enables covert surveillance, a backdoor channel and unfettered and unauthorized remote access...

The Internet of Things (IoT) incorporates everything from tiny sensors and devices to huge structures like cloud computing. IoT includes the major networks...

The Trivial File Transfer Protocol (TFTP) is designed to provide a bare-bones method of sending data from a server to a client. Its main use is for firmware...

The Secure Shell (SSH) is designed to allow confidential and authenticated remote access to a computer. Like the Telnet protocol, it enables a user to remotely...

Distributed Denial-of-Service (DDoS) attacks are one of the powerful cyber weapons threat actors use today. We often hear about a website being “brought...

Wireshark is a freely available tool for network traffic analysis. It can be used to either analyze saved packet capture files or perform live traffic capture...