For more information visit: bit.ly/OHM13_web
To download the video visit: bit.ly/OHM13_down
Playlist OHM 2013: bit.ly/OHM13_pl
Speaker: Guy Martin
Networks are part of our daily life. A lot of information transit through them but few really know what is actually transmitted and what information can be extracted. This talk will present pom-ng, a network forensic tool that performs real time analysis. The talk will focus on describing the coding challenges faced with such tool, architecture and what can be done with it.
The talk will be split in 3 parts.
The first part will describe the way packets are processed and the different outputs that are produced. I'll go in more details about IP de-fragmentation, TCP re-ordering and other related activities such as temporary offline DNS caching.
The second part will consist of a live demo demonstrating possible use of pom-ng using live traffic and the audience's traffic. Example will include dumping files out of
In the third part, the LUA code used to perform the demo will be explained for a very short tutorial.