[SANS ISC] Comment your Packet Captures!

I published the following diary on isc.sans.org: “Comment your Packet Captures!“:

When you are investigating a security incident, a key element is to take notes and to document as much as possible. There is no “best” way to take notes, some people use electronic solutions while others are using good old paper and pencil. Just keep in mind: it must be properly performed if your notes will be used as evidence later… With investigations, there are also chances to you will have to deal with packet captures… [Read more]


[The post [SANS ISC] Comment your Packet Captures! has been first published on /dev/random]

Article Link: https://blog.rootshell.be/2018/01/18/sans-isc-comment-packet-captures/