Forensics Investigation Toolkit (FIT)
Layer 7 Content Reconstruction Tool
Decision Group
www.edecision4u.com
Introduction to Forensics Investigation Toolkit
Offline Raw Data Files (PCAP) Decoding and Layer 7 Reconstruction Tool
Trial Version Available
Solution for:
• Internet or Network Traffic Analysis (Network Administrator)
• Auditing of Internet or Network Traffic (CISO and Auditor)
• Network Forensics Analysis and Investigation (Government and LEA)
Forensics Investigation Toolkit (FIT) is a Windows-based application
software suitable for all users to analyze and investigate the content of
Internet as well as network raw data files.
Operation on platforms of:
Internet Content Analysis
Forensics Investigation Toolkit Application
Working with
Set up a batch file to make pcap files from Wireshark
Making_pcap.bat
rem Capture on interface 1 into a ring buffer of pcap files
cd "\Program Files\Wireshark"
dumpcap -i 1 -s 128 -b files:100 -b filesize:2000000 -w "c:/my document/pcap file/fit_raw_data01.pcap"
dumpcap command
• -i – NIC interface
• -s – packet size (Kbyte)
• -b – output pcap file style
  - files – pcap file number
  - filesize – pcap file size
• -w – output pcap file name
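A capture made with a small -s value stores only the start of each packet, which matters for a tool that rebuilds Layer 7 content from the files. The following added example (not part of the FIT material or of Wireshark) reads a classic pcap file and reports the snapshot length in its header and how many packets were stored truncated; the function names and the sample bytes are constructed for illustration, and the pcapng format is rejected rather than parsed.

```python
import struct

# Magic numbers of the classic pcap format (microsecond and nanosecond variants).
PCAP_MAGICS = {0xA1B2C3D4, 0xA1B23C4D}

def audit_pcap(data: bytes) -> dict:
    """Return snaplen, link type, packet count and truncated-packet count."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    # The writer's byte order is unknown, so try both against the magic number.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", data[:4])[0] in PCAP_MAGICS:
            break
    else:
        raise ValueError("not a classic pcap file (pcapng or other format)")
    _, _, _, _, _, snaplen, linktype = struct.unpack(endian + "IHHiIII", data[:24])
    packets = truncated = 0
    offset = 24
    # Each record: 16-byte header (ts_sec, ts_frac, caplen, origlen) plus caplen bytes.
    while offset + 16 <= len(data):
        _, _, caplen, origlen = struct.unpack(endian + "IIII", data[offset:offset + 16])
        offset += 16
        if offset + caplen > len(data):
            raise ValueError(f"packet {packets + 1} runs past end of file")
        packets += 1
        if caplen < origlen:  # bytes beyond the snapshot length were never stored
            truncated += 1
        offset += caplen
    return {"snaplen": snaplen, "linktype": linktype,
            "packets": packets, "truncated": truncated}

def build_sample() -> bytes:
    """Constructed capture: snaplen 128, a 60-byte frame and a 1514-byte frame cut to 128."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 128, 1)
    full = struct.pack("<IIII", 1, 0, 60, 60) + bytes(60)
    cut = struct.pack("<IIII", 2, 0, 128, 1514) + bytes(128)
    return header + full + cut

if __name__ == "__main__":
    report = audit_pcap(build_sample())
    print(report)
    if report["truncated"]:
        print("warning: payloads are incomplete; raise the dumpcap -s value and recapture")
```

Run it against the first file of a new capture before collecting a full ring buffer; a non-zero truncated count means the stored payloads are incomplete.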
The Best Layer 7 Reconstruction Tool with Wireshark!
Internet Protocols Supported
• Email
• Webmail
• IM/Chat (Yahoo, MSN, ICQ, QQ, IRC, Google Talk etc.)
• HTTP (Link, Content, Upload, Download, Video FLV)
• File Transfer: FTP, P2P
• Others: Online Games, Telnet, VoIP etc.
Sample: Email (POP3, SMTP and IMAP)
Sample: Webmail – Yahoo Mail, Gmail, Hotmail etc…
Sample: IM – Yahoo, MSN, ICQ, IRC, QQ, GTalk etc…
Sample: File Transfer – FTP Upload/Download
Sample: File Transfer – P2P File Sharing
Sample: HTTP (Content)
Sample: HTTP Upload/Download
Sample: HTTP Video Streaming (FLV Format)
Sample: HTTP Request
Full Text Search – Content Search
Full Text Search – Search by Key Words
What you can do with FIT
With Forensic Investigation Tool, you can identify:
• Total network throughput
• Application(s) occupying most bandwidth
• Network user(s) consuming most bandwidth
• Network performance with online services
• Packets that slow down the network
• Content that is involved in business conduct
• Patterns that are compliant with IT governance
• Location where the target user is
• … etc
References – Implementation Sites and Customers
• Criminal Investigation Bureau
• The Bureau of Investigation Ministry of Justice
• National Security Agency (Bureau) in various countries
• Intelligence Agency in various countries
• Ministry of Defense in various countries
• Counter/Anti Terrorism Department
• National Police, Royal Police in various countries
• Government Ministries in various countries
• Federal Investigation Bureau in various countries
• Telco/Internet Service Provider in various countries
• Banking and Finance organizations in various countries
• Others
Notes: Due to the confidentiality of this information, the exact names and countries of
the various organizations cannot be revealed.