2015-03-03 - TRAFFIC ANALYSIS EXERCISE: YOU SEE ALERTS FOR ANGLER EXPLOIT KIT (EK). NOW WRITE A SUMMARY
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
PCAP:
- 2015-03-03-traffic-analysis-exercise.pcap.zip 3.3 MB (3,251,466 bytes)
SCENARIO
Time for another shift at your organization's Security Operations Center (SOC). You review some EmergingThreats alerts for Angler exploit kit on a host within your network.
You review the pcap and document the following:
- Date and time of the activity
- IP address of the associated desktop (or laptop) computer
- Host name of the associated desktop (or laptop) computer
- MAC address of the associated desktop (or laptop) computer
- Brief summary of the activity
FIRST BREAK POINT
- Document the above 5 items. Click here to see if your answers are accurate.