Forensics Investigation Toolkit (FIT)
Layer 7 Content Reconstruction Tool
Decision Group
www.edecision4u.com
Introduction to Forensics Investigation Toolkit
Offline Raw Data Files (PCAP) Decoding and Layer 7 Reconstruction Tool
Solution for:
• Internet or Network Traffic Analysis (Network Administrator)
• Auditing of Internet or Network Traffic (CISO and Auditor)
• Network Forensics Analysis and Investigation (Government and LEA)
Trial Version Available
Forensics Investigation Toolkit (FIT) is a Windows-based application suitable for all users to analyze and investigate the content of Internet as well as network raw data files.
Operation on platforms of: Internet Content Analysis
Working with
• Set up a batch file to make pcap files from Wireshark
• Making_pcap.bat
• dumpcap command
  • -i: NIC interface
  • -s: packet size (Kbyte)
  • -b: output pcap file style
    • files: pcap file number
    • filesize: pcap file size
  • -w: output pcap file name

cd "\Program Files\Wireshark"
dumpcap -i 1 -s 128 -b files:100 -b filesize:2000000 -w "c:\my document\pcap file\fit_raw_data01.pcap"

The Best Layer 7 Reconstruction Tool with Wireshark!
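A check an analyst can run on each captured file before loading it into a reconstruction tool, given here as an added example that is not part of the original slides or of FIT: it reads a classic pcap file, reports the snapshot length the file header records (in bytes), and counts packets that were stored truncated. The function names and the sample data are constructed for illustration, and pcapng files are rejected rather than parsed.

```python
import io
import struct

# Magic numbers of the classic pcap format (microsecond and nanosecond timestamps).
PCAP_MAGICS = {0xA1B2C3D4, 0xA1B23C4D}
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"  # first bytes of a pcapng Section Header Block


def check_pcap(stream):
    """Return (snaplen, total_packets, truncated_packets) for a classic pcap stream."""
    header = stream.read(24)
    if header[:4] == PCAPNG_MAGIC:
        raise ValueError("pcapng file: this check only reads classic pcap")
    if len(header) < 24:
        raise ValueError("file too short for a pcap global header")
    # The magic number reveals the byte order the writer used.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", header[:4])[0] in PCAP_MAGICS:
            break
    else:
        raise ValueError("not a pcap file")
    snaplen = struct.unpack(endian + "I", header[16:20])[0]
    total = truncated = 0
    while True:
        rec = stream.read(16)  # per-packet record header
        if not rec:
            break
        if len(rec) < 16:
            raise ValueError("file ends inside a record header")
        _sec, _frac, caplen, origlen = struct.unpack(endian + "IIII", rec)
        if len(stream.read(caplen)) < caplen:
            raise ValueError("file ends inside a packet")
        total += 1
        truncated += caplen < origlen  # stored bytes fewer than bytes on the wire
    return snaplen, total, truncated


def build_sample(snaplen, packet_lengths):
    """Constructed sample: a pcap whose packets were cut at snaplen bytes."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for n in packet_lengths:
        caplen = min(n, snaplen)
        out += struct.pack("<IIII", 0, 0, caplen, n) + b"\x00" * caplen
    return io.BytesIO(out)


if __name__ == "__main__":
    snaplen, total, cut = check_pcap(build_sample(128, [60, 128, 1514, 590]))
    print(f"snaplen={snaplen} packets={total} truncated={cut}")
```

A non-zero truncated count means only the first part of those packets is in the file, so content beyond the cut is not available to any Layer 7 reconstruction.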
Internet Protocols Supported
• Email
• Webmail
• HTTP (Link, Content, Upload Download, Video FLV)
• IM/Chat (Yahoo, MSN, ICQ, QQ, IRC, Google Talk, etc.)
• File Transfer: FTP, P2P
• Others: Online Games, Telnet, VoIP, etc.
Full Text Search – Content Search
Full Text Search – Search by Key Words
What you can do with FIT
• With Forensic Investigation Tool, you can identify
  • Total network throughput
  • Application(s) occupying most bandwidth
  • Network user(s) consuming most bandwidth
  • Network performance with online services
  • Packets that slow down the network
  • Content that is involved in business conduct
  • Patterns that are compliant with IT governance
  • Location where the target user is
  • … etc.
References – Implementation Sites and Customers
• Criminal Investigation Bureau
• The Bureau of Investigation Ministry of Justice
• National Security Agency (Bureau) in various countries
• Intelligence Agency in various countries
• Ministry of Defense in various countries
• Counter/Anti Terrorism Department
• National Police, Royal Police in various countries
• Government Ministries in various countries
• Federal Investigation Bureau in various countries
• Telco/Internet Service Provider in various countries
• Banking and Finance organizations in various countries
• Others
Notes: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed.
Thank You!
Decision Group
www.edecision4u.com