2015-01-18 - TRAFFIC ANALYSIS EXERCISE
PCAP AND ANSWERS:
- ZIP of this week's pcap (1 of 2): 2015-01-18-traffic-analysis-exercise-1-of-2.pcap.zip
- ZIP of this week's pcap (2 of 2): 2015-01-18-traffic-analysis-exercise-2-of-2.pcap.zip
- ZIP of this week's answers (PDF file): 2015-01-18-traffic-analysis-exercise-answers.pdf.zip
NOTES:
- ZIP files are password-protected with the standard password. If you don't know it, look at the "about" page of this website.
QUESTIONS
For each pcap, answer the following questions:
1) What is the date and time of the activity?
2) What is the IP address of the Windows host that gets infected?
3) What is the domain name and IP address of the compromised web site?
4) What is the domain name and IP address that delivered the exploit kit (EK)?
5) What is the name of the EK?
