2016-12-17 - TRAFFIC ANALYSIS EXERCISE - YOUR HOLIDAY PRESENT
- ZIP archive with a PCAP of the traffic: 2016-12-17-traffic-analysis-exercise.pcap.zip 12.1 MB (12,099,489 bytes)
All ZIP files on this site are password-protected with the standard password. If you don't know it, look at the "about" page of this website.
As I write this, Christmas is less than 3 weeks away, so it's time to wrap some presents! As everyone knows, it isn't the size or cost of the gift, it's the thought that counts. My gift to you this holiday season is a pcap and the chance to hone your traffic analysis skills.
Shown above: If I could wrap a pcap as a present, this is what it would look like.
As usual, the pcap I'm gifting you contains traffic related to an infection, and the infection happened on a Windows computer.
Shown above: If it helps put you in the holiday spirit, picture this as the infected Windows host.
You should be able to recover the following information from the pcap:
- Start date and time of the traffic.
- MAC address of the infected Windows computer.
- IP address of the infected Windows computer.
- Host name of the infected Windows computer.
- The person's name (or account name) using the infected Windows host.
- A general description of how the computer became infected.
- Public IP address of the infected Windows computer.
- The country or general location of the infected Windows computer.