NetSentry Player
NetSentry Player is a Linux-based centralized system. The product is designed for offline parsing of Internet raw data files (PCAP format). Previously captured raw data files from different sources, such as an Ethernet/LAN network or a WLAN network or from other packet capturing/sniffing tools, are decoded and then reconstructed to permit viewing of the original content.
By importing raw data files into the NetSentry Player, the system will parse, decode and reconstruct the files to their original content. The files are then stored in the Player's database for further analysis. Using sophisticated search functions, the investigator can easily locate the data in question. Setting up roles in user accounts gives the administrator the flexibility to assign rights and privileges to manage access to the reconstructed data. When necessary, the forensic investigation can be managed by assigning case(s), then building the case from searching the reconstructed data.
This tool is specifically designed to mine large amounts of stored PCAP data when a forensics investigation is necessary.
Law enforcement agencies, Government (federal & state) agencies, and all private companies conducting forensic investigation will find NetSentry Player the most efficient, time-saving and resource-saving tool available in the market today. Never before has there been a forensics tool as powerful as NetSentry Player.
Features of NetSentry Player include:
Reconstruction to original content:
Protocols include--Email (POP3, SMTP and IMAP), Web Mail (Read and Sent), Instant Message (MSN, ICQ, AOL, Yahoo, QQ, UT, Skype Voice Call Log, IRC), FTP, P2P, Games, HTTP (Link, Content, Reconstruct, Upload/Download, Video Stream) and Telnet.
Administrator/Users Management Function:
- Case Management
- Import analysis
- User management
- System setup
- Importing raw data records.
Search Features:
- Keyword
- Full text
- Search specific fields
- Wildcard
