Pages:
2 pages/≈550 words
Sources:
3 Sources
Style:
APA
Subject:
Law
Type:
Coursework
Language:
English (U.S.)
Document:
MS Word
Topic:

How Wireshark and Network Miner Work and their Difference

Coursework Instructions:

As a cybercrime professional you have many tools in your arsenal to stop network, DOS and/or Windows attacks. Read the article, 21 Best Free Digital Forensic Investigation Tools, which briefly describes many of the tools.

Coursework Sample Content Preview:

1. Cybercrime Tools Selected
The tools selected for this paper are Wireshark and Network Miner. Wireshark is a packet sniffer used to analyze network traffic and possibly identify the unencrypted packets that may cause harm in a network (Stevens, 1).
Network Miner is a Network Forensic Analysis Tool (NFAT) commonly used in Windows operating systems to capture packets and possibly detect the hostnames, OS, open ports, and sessions on a network without putting additional traffic on it (Stevens, 1).
1.1 How the Selected Cybercrime Tools Work
Wireshark uses its graphical user interface to capture network traffic flowing over different networking technologies, including Ethernet, Bluetooth, Token Ring, Wi-Fi, and Frame Relay. Wireshark allows for packet filtering, and it is up to the network engineer or the cybersecurity expert to carry out offline analysis of the captured data and to filter it as they deem appropriate, either before the data capture or during the analysis.
Network Miner provides the user with a graphical interface and a list of menus that allows the network engineer to perform a wide range of analyses on the data captured. The host tab provides a list of devices connected to the network, identified by their MAC address, IP, hostname, sent or received packets, among other sorting criteria. The packet sniffing can be done by simply clicking the start button. Suspicious packets can then be blocked with the help of a network firewall.
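The passive host listing described above can be reproduced from a saved capture, as in this added example (it is not Network Miner's own code). The function names and the sample addresses are constructed for illustration, and the parser assumes a classic little-endian pcap file with untagged Ethernet frames carrying IPv4.

```python
import struct
from collections import defaultdict

def build_frame(src_mac, dst_mac, src_ip, dst_ip):
    """Constructed test data: Ethernet II header + bare 20-byte IPv4 header."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(o) for o in a.split("."))
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0, ip(src_ip), ip(dst_ip))
    return mac(dst_mac) + mac(src_mac) + b"\x08\x00" + header

def build_pcap(frames):
    """Wrap frames in a classic little-endian pcap file (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for n, frame in enumerate(frames):
        out += struct.pack("<IIII", n, 0, len(frame), len(frame)) + frame
    return out

def host_inventory(pcap):
    """Tally hosts (IP -> MAC, packets sent/received) without sending any traffic."""
    if len(pcap) < 24 or struct.unpack_from("<I", pcap)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    if struct.unpack_from("<I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    hosts = defaultdict(lambda: {"mac": None, "sent": 0, "received": 0})
    offset = 24
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack_from("<I", pcap, offset + 8)[0]
        frame = pcap[offset + 16: offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # skip truncated records and anything that is not IPv4
        src_ip = ".".join(str(b) for b in frame[26:30])
        dst_ip = ".".join(str(b) for b in frame[30:34])
        # Only a sender's MAC is recorded; for off-link senders it is the router's MAC.
        hosts[src_ip]["mac"] = frame[6:12].hex(":")
        hosts[src_ip]["sent"] += 1
        hosts[dst_ip]["received"] += 1
    return dict(hosts)

# Constructed sample capture: three hosts on one LAN plus one ARP frame.
MAC_A, MAC_B, MAC_C = "aa:00:00:00:00:01", "aa:00:00:00:00:02", "aa:00:00:00:00:03"
IP_A, IP_B, IP_C = "192.168.1.10", "192.168.1.20", "192.168.1.30"
SAMPLE_PCAP = build_pcap([
    build_frame(MAC_A, MAC_B, IP_A, IP_B), build_frame(MAC_A, MAC_B, IP_A, IP_B),
    build_frame(MAC_B, MAC_A, IP_B, IP_A), build_frame(MAC_A, MAC_C, IP_A, IP_C),
    b"\xff" * 6 + bytes.fromhex("aa0000000001") + b"\x08\x06" + bytes(28),  # ARP, ignored
])

if __name__ == "__main__":
    for ip, info in sorted(host_inventory(SAMPLE_PCAP).items()):
        print(ip, info)
```

A host that only receives traffic (192.168.1.30 in the sample) appears with no MAC address, because nothing it sent was observed.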
1.2 How the Selected Cybercrime Tools are Different
Network Miner is a highly portable network forensic tool that does not necessarily have to be installed to run. On the other hand, Wireshark has to be installed on the host computer for it to run. Although both Wireshark and Network Miner are cross-platform tools, Network Miner is specifically designed for Windows operating systems, with a few releases working on Unix and Mac OS. Wireshark performs packet filtering using two techniques: capture filters and display filters (Wireshark.org, 2). Network Miner has to rely on other network security technologies, such as a firewall, to perform packet filtering.
2. Why the Cybercrime Tools are the Best Overall Choice
Both Wireshark and Network Miner are open-source forensic tools that allow developers from all over the world to improve the tools, increasing their robustness in a more timely manner considering the dynamic nature of cybercrime and cybercriminals. The tools also provide an easy-to-use graphical user interface that will allow users to monitor and analyze traffic in just a few cli...