Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Digital Forensics with Kali Linux

You're reading from   Digital Forensics with Kali Linux Enhance your investigation skills by performing network and memory forensics with Kali Linux 2022.x

Arrow left icon
Product type Paperback
Published in Apr 2023
Publisher Packt
ISBN-13 9781837635153
Length 414 pages
Edition 3rd Edition
Arrow right icon
Author (1):
Arrow left icon
Shiva V. N. Parasram Shiva V. N. Parasram
Author Profile Icon Shiva V. N. Parasram
Shiva V. N. Parasram
Arrow right icon
View More author details
Toc

Table of Contents (24) Chapters Close

Preface 1. Part 1: Blue and Purple Teaming Fundamentals
2. Chapter 1: Red, Blue, and Purple Teaming Fundamentals FREE CHAPTER 3. Chapter 2: Introduction to Digital Forensics 4. Chapter 3: Installing Kali Linux 5. Chapter 4: Additional Kali Installations and Post-Installation Tasks 6. Chapter 5: Installing Wine in Kali Linux 7. Part 2: Digital Forensics and Incident Response Fundamentals and Best Practices
8. Chapter 6: Understanding File Systems and Storage 9. Chapter 7: Incident Response, Data Acquisitions, and DFIR Frameworks 10. Part 3: Kali Linux Digital Forensics and Incident Response Tools
11. Chapter 8: Evidence Acquisition Tools 12. Chapter 9: File Recovery and Data Carving Tools 13. Chapter 10: Memory Forensics and Analysis with Volatility 3 14. Chapter 11: Artifact, Malware, and Ransomware Analysis 15. Part 4: Automated Digital Forensics and Incident Response Suites
16. Chapter 12: Autopsy Forensic Browser 17. Chapter 13: Performing a Full DFIR Analysis with the Autopsy 4 GUI 18. Part 5: Network Forensic Analysis Tools
19. Chapter 14: Network Discovery Tools 20. Chapter 15: Packet Capture Analysis with Xplico 21. Chapter 16: Network Forensic Analysis Tools 22. Index 23. Other Books You May Enjoy

Identifying devices and operating systems with p0f

Let’s get started with p0f. p0f is a small tool that can be used to passively scan and detect operating systems within a network. This scanning tool is considered passive because it does not send data to other hosts apart from Synchronize (SYN) packets. This is very useful when trying to quietly collect information about other hosts on a network in DFIR investigations.

Let’s look at how to install and use p0f to detect other host operating systems on the network:

  1. Depending on the version of Kali you are running (2019.3 – 2023.1), you can run the p0f –h command to determine whether it is preinstalled. If not, Kali will ask whether you would like to install it. Press y to accept and install it, as seen in the following screenshot.
Figure 11.1 – Installing p0f in Kali

Figure 11.1 – Installing p0f in Kali

  1. Run the p0f –h command again after installation. This displays the network interface...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image