ABSTRACT

Network forensic analysis tools help address network security issues because they can efficiently analyze and correlate network traffic and data from different security tools. This capability is desirable to users and security administrators, as it provides the multilevel security a network requires in the dynamic world of network forensics. Network forensic analysis tools are gaining a tremendously positive response around the globe. Information Security magazine has defined a network forensic analysis tool (NFAT) as a product that captures and retains all network traffic and provides its user with features such as replaying, isolating, and analyzing a network attack or stealthy behavior, which in turn enables users to strengthen their security systems. This chapter focuses on imparting in-depth knowledge about the various tools used for network forensics. It introduces network forensic analysis and details the classification of tools. It also helps the reader understand the various tools applied in network forensics. It gives basic knowledge of Windows- and UNIX-based analyses. This chapter also provides in-depth knowledge about various tools, such as IP tracing, monitoring, analysis, and traceroute tools.