Network Investigation Toolkit


NIT (Network Investigation Toolkit) is an integrated network monitoring and forensics analysis system, developed by Decision Group. NIT is delivered as a complete system with hardware (IBM X200 laptop and 3.5G/HSDPA USB Adapter for remote access by the user) and software pre-installed, ready to be placed in a machine room, NOC or any field deployment.

A Superior Network Investigation Toolkit

Most network monitoring tools can't provide all the information that network administrators, IT managers, security professionals, auditors, software developers, analysts and forensics investigators need. The only way to know fully how your network is being used is to capture the data packets and analyze them in detail. Network consultants know the value of this information, even when it comes with a high manpower cost. They will run a packet sniffer like tcpdump to capture raw network traffic into disk files, and then inspect the data with programs like strings. This yields only a brief and confusing glimpse into the traffic data, and it is manually intensive and massively time-consuming.

To use NIT, an IT manager or forensics investigator simply connects the system to the mirror port of the switch at the internet gateway, or runs it as a standalone system in a wireless environment, for real-time data capture and reconstruction. Its operation is quite similar to that of an Intrusion Detection System (IDS), but NIT goes further than an IDS by reconstructing the captured raw data into its original format in real time. Apart from both wired and wireless functionality, NIT also includes integrated HTTPS/SSL MITM interception on both LAN and WLAN networks, as well as offline analysis and reconstruction of pre-captured raw data files.

NIT is specially designed for law enforcement agencies, police and military intelligence, criminal investigation agencies, national security agencies, cyber security agencies, counter-terrorism departments, forensics investigators and similar users to conduct network-based forensics investigations, whether on wired or wireless LAN networks.

What are the Capabilities of NIT?
- Interception of Ethernet LAN traffic through mirror port (or by network tap).
- Interception of WLAN traffic (up to 4 different WLAN channels).
- Interception of Ethernet LAN HTTPS/SSL traffic by MITM attack.
- Interception of WLAN HTTPS/SSL traffic by MITM attack.
- Real-time raw data decoding and reconstruction.
- Offline raw data decoding and reconstruction.
- Forensics analysis and investigation.

Want to Know More? Call us at +603.8024.8000

WIRED LAN Interception (Mirror Mode Implementation)

WIRELESS LAN Interception (Mirror Mode Implementation)

LAN HTTPS/SSL MITM Interception
