Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    9.3 Routers

    Routers are (by definition) Layer 3 devices designed to pass packets between networks. These days, pretty much every router has the ability to do some filtering at Layer 3 as well. Most can examine Layer 4 sockets to some degree, and at least filter traffic based on source/destination port.

    9.3.1 Why Investigate Routers?

    Routers are typically involved in investigations for one of a few reasons:

    • Traffic of interest may traverse the router, resulting in associated flow data and related records. (A router is one of the most basic logging devices you will find on any network and also one of the most fundamental.)

    • The network topology is key to understanding evidence and incidents, and is described at Layer 3 by the aggregate of routing tables.


      

    You are currently reading a PREVIEW of this book.

                                                                                            

    Get instant access to over
    $1 million worth of books and videos.

      

    Start a Free Trial