2018-09-27 - TRAFFIC ANALYSIS EXERCISE - BLANK CLIPBOARD

ASSOCIATED FILES:

NOTES:

 

SCENARIO

This month's exercise is very sparse, secenario-wise.  You have a pcap with a Windows host getting infected.  You also have two emails.  Your job is to figure out which one of the two emails kicked off the infection traffic in the pcap.

Unlike the past few exericses, I'm not including information on the lan segment.  You'll have to figure that one out on your own.  It's almost like someone's handed you a clipboard of information about the infection, but it only contains bank pages.

 


Shown above:  A clipboard with blank pieces of paper?  That's no help at all!

 

ANSWERS

 

Click here to return to the main page.