2015-01-18 - TRAFFIC ANALYSIS EXERCISE

PCAP AND ANSWERS:

NOTES:

QUESTIONS

For each pcap, answer the following questions:

1) What is the date and time of the activity?
2) What is the IP address of the Windows host that gets infected?
3) What is the domain name and IP address of the compromised web site?
4) What is the domain name and IP address that delivered the exploit kit (EK)?
5) What is the name of the EK?