NIKSUN has acquired Sandstorm Enterprises in a transaction involving assets and staff. For details please click: http://niksun.com/news.php?id=36
Sandstorm Enterprises, the company that gave you PhoneSweep, now introduces:
NetIntercept with Chain of Custody and Investigator's Notebook
Sandstorm Enterprises, the leader in digital forensic analysis software, announces the release of NetIntercept 4.2 with Chain of Custody and Investigator's Notebook. NetIntercept lets you protect the integrity of captured and analyzed traffic in order to provide a legal "Chain of Custody" (COC) when evidence from NetIntercept analysis is questioned in a court of law.
New Features in NetIntercept 4.2
Legal Chain of Custody allows you to verify that your data has not been tampered with; optionally hashes and signs all captured packet files to support later validation of the Chain-of-Custody
Optionally sorts unrecognized Ethertype, LLC SAP, SNAP OUI and IPv4 or IPv6 protocols into connections
Increased connection limit to 5,000,000 connections
Parses SFTP and SCP (secure file transfer protocols)
Increased data capture rate
View ASCII and Non-ASCII characters from network traffic throughout the GUI
Non-ASCII characters from network traffic are normalized to UTF-8 in reports and exported data
Experiment with our downloadable Windows demo to see the productivity benefits of NetIntercept. View our example analysis results, or import traffic you've captured.
NetIntercept silently monitors your network, captures whole packets (not just headers), and archives that traffic for future session and packet analysis. NetIntercept reconstructs sessions, using patented heuristic traffic analysis to detect spoofing and non-standard port usage, unwraps compressed files, reconstructs files sent over the network, and searches for key words and phrases.
Discover
Investigate
You're presented with a Result Set of session data, powerful search tools for investigation and analysis, graphs and reports, and access to all the reconstructed files. And should you need raw packet-by-packet data analysis, that's available as well.
Allows users to store entries related to a single incident, or establish an ongoing incident log. Entries can be automatically linked to connections, images, bookmarks, and full Result Sets.
Here's what people are saying about NetIntercept:
"NetIntercept ... has the necessary tools to close in on desired information in huge amounts of packet data, much like finding a specific grain of sand in the desert." - Mark Spencer, EvidentData
"[NetIntercept] drilled down into the packets in such a precise way...without all the clutter of unneeded traffic. I was impressed with the speed at which you can pinpoint or find a potential problem" - an aerospace industry customer
"[NetIntercept] has the ability to look into the past with perfect clarity. I can use NetIntercept to examine packet by packet not only that one event, but all of the events that led up to it." - a medical facility customer
"Sandstorm's NetIntercept gave us the most bang for the buck...which earned it our Best Value award." - from "Body of Evidence - Network Forensic Tools" by Greg Shipley