Network Forensics: It’s basically sniffing, recording, acquisition, and analysis of network traffic and event logs in order to investigate security.
It can reveal many things like, Source of security incidents and attacks, Path of attack, Techniques used by attacker.
Types of network addressing scheme:
Intrusion detection System gathers and analyzes information.
As name suggest, it’s set to attract and trap people.
IP Address Spoofing: Attacker changes his/her IP address to hide identity.
Man in the middle attack: It’s intrudes into an existing connection between systems and to intercept messages being exchanged.
Packet sniffing: An attacker can capture the packet by putting a packet sniffer on the network.
Buffer Overflow: Buffer overrun in the stack space. Attacker inject malicious code on the stack and overflows it to overwrite in return pointer so that the flow of control switches to the malicious code.
New line injection attack: Attacker inject plaintext into the log file.