Comparative study of TCP/IP network packet analyzer tools
DOI: https://doi.org/10.5965/2316419001012012043
Keywords: security incidents, information security, network packets, packet analyzer
Abstract
The security of information travelling over computer networks has become a matter of considerable concern, because the increasing use of computers and the Internet has been accompanied by a growing number of incidents in these computing environments. Many of these incidents can cause network delays or even provide access to confidential information. Packet analyzer software is used to get an overview of what is happening on a network. Packet analyzers capture and present all the data traffic flow, decoding and displaying the contents of each packet for detailed analysis. Several packet analyzer tools exist, both free and proprietary. This paper presents a comparative study of two proprietary packet analyzer tools and two free ones, in order to present their features, advantages, and disadvantages.
License
Copyright (c) 2012 Alex Ferreira dos Santos

This work is licensed under a Creative Commons Attribution 4.0 International License.
Brazilian Journal of Accounting and Management offers free and immediate access to its content, following the principle that making scientific knowledge freely available promotes a greater worldwide democratization of knowledge. Authors maintain copyright of articles and grant the journal the right of first publication, according to the Creative Commons Attribution licensing criteria, which allow the work to be shared with recognition of its initial publication and authorship. These licenses allow others to distribute, remix, adapt, or create derived work, even for commercial purposes, provided that credit is given to the original creation.