Network Forensics

Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. It is also called: Cyberforensics, Security Forensics, Digital Forensics, Forensic Analysis, and Forensics.

Internet service providers (ISPs) are expressly forbidden by the Electronic Communications Privacy Act (ECPA) from eavesdropping or disclosing intercepted contents except with user permission, for limited operations monitoring, or under a court order. The U.S. FBI's Carnivore is a controversial example of a network forensics tool.

Network forensics products are sometimes known as Network Forensic Analysis Tools (NFATs).

Revised: 08/01/06