NetContExt Forensics Support
Network Packet Reassembly Service
If you have recorded a network sniffer trace and would like to see the original file information stored within the packets, we offer a TCP stream reassembly service using our NetContExt products. NetContExt uses '"Follow TCP Stream"' technology to reassemble packets and then search through the data payload for files.
For example, the NetContExt service enables you to actually see the JPG and GIF images from an HTTP capture or view the Microsoft Office documents FTP'd to a server. If you captured it in your trace we can extract it for you. NetContExt can handle any type of document or data stored within packets.
Contact us to discuss your project. Send us your recordings via email and we can get results to you ASAP. If requested, we will post your report on our secure, password protected web server.
NetContExt supports any size capture files up to gigabytes of data or more. Send smaller capture files (< 1MB) directly to Inetd.Com via ftp/scp/http/email or send large recordings on CDROM/DVD or even hard drives. Inetd.Com works with sensitive client data frequently and will ensure your data and report information is secure and private.
An extract from a typical NetContExt online HTML report will have the following layout with multiple thumbnails per page so you can clearly identify who/what/when.
It is important that you create your capture file correctly by saving the entire packet payload and not just the header. Also you must ensure that no packets are dropped during your recording. Call us if you require any advice on effectively capturing network data. We can supply preconfigured hardware and also supply complete solutions. See more information under our Products section.
Seeing is believingBy actually viewing the contents of your network capture files you can quickly and accurately find the information you are looking for. Instead of wading through meaningless packet trace files in hexidecimal, we can show you what actually occured on the network in a visual report.
If you want to start capturing data, download Ethereal here. Ethereal is free and supports a range of hardware including Linux and Windows. The original opensource packet sniffer is TCPDump. Download TCPDump here.
Inetd.Com supports the following packet capture file formats:
Inetd.Com is located in the heart of Silicon Valley, California. We enjoy solving complex network and system problems and pride ourselves on our innovation. What can Inetd.Com do for you?
For a free consultation on how Inetd.Com can help your business, please see our contact page or call us at 650-961-6631.