Sometimes network traffic isn't the only thing that needs analyzing. NetworkMiner, a network forensic analysis tool for Windows from security software company Netresec, is designed to collect data about the hosts on the network rather than about the traffic. It sniffs packets and also parses PCAP files to help its users detect the OS, hostname and open ports of hosts on the network. This can prove an excellent tool for incident response teams seeking to reassemble transmitted files and certificates without adding traffic to the network.
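To make the passive approach concrete, here is an added example (not NetworkMiner's code, and not from the original article) that reads a classic PCAP file and infers open TCP ports per host without sending a packet. It assumes that a SYN+ACK reply marks an open port; the addresses and the capture itself are constructed sample data.

```python
import socket
import struct
from collections import defaultdict

def _frame(src, dst, sport, dport, flags):
    """Constructed Ethernet/IPv4/TCP frame; checksums are left at zero."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def build_sample_pcap():
    """Constructed capture: one accepted, one refused, one reply seen alone."""
    frames = [
        _frame("10.0.0.5", "10.0.0.10", 40000, 443, 0x02),  # SYN
        _frame("10.0.0.10", "10.0.0.5", 443, 40000, 0x12),  # SYN+ACK
        _frame("10.0.0.5", "10.0.0.10", 40001, 23, 0x02),   # SYN
        _frame("10.0.0.10", "10.0.0.5", 23, 40001, 0x14),   # RST+ACK
        _frame("10.0.0.20", "10.0.0.5", 22, 40002, 0x12),   # SYN+ACK
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def passive_open_ports(pcap):
    """Map each responder IP to the TCP ports it answered with SYN+ACK."""
    magic = struct.unpack_from("<I", pcap)[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file")
    end = "<" if magic == 0xA1B2C3D4 else ">"   # byte order of the writer
    if struct.unpack_from(end + "I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    hosts, off = defaultdict(set), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from(end + "I", pcap, off + 8)[0]
        pkt = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue                      # not IPv4 over Ethernet
        if pkt[14] >> 4 != 4 or pkt[23] != 6:
            continue                      # not TCP
        tcp = 14 + (pkt[14] & 0x0F) * 4   # honour the IPv4 header length
        if len(pkt) < tcp + 14:
            continue                      # truncated TCP header
        if pkt[tcp + 13] & 0x12 == 0x12:  # SYN and ACK both set
            sport = struct.unpack_from("!H", pkt, tcp)[0]
            hosts[socket.inet_ntoa(pkt[26:30])].add(sport)
    return {h: sorted(p) for h, p in hosts.items()}
```

The refused connection to port 23 is answered with RST+ACK, so it does not appear in the result; only ports seen answering with SYN+ACK are reported.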
Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.