2018-09-27 - TRAFFIC ANALYSIS EXERCISE - BLANK CLIPBOARD
- Zip archive of the pcap: 2018-09-27-traffic-analysis-exercise.pcap.zip 17.1 MB (17,086,611 bytes)
- Zip archive of the two emails: 2018-09-27-traffic-analysis-exercise-both-emails.zip 4.2 kB (4,172 bytes)
- All zip archives on this site are password-protected with the standard password. If you don't know it, look at the "about" page of this website.
This month's exercise is very sparse, scenario-wise. You have a pcap with a Windows host getting infected. You also have two emails. Your job is to figure out which one of the two emails kicked off the infection traffic in the pcap.
Unlike the past few exercises, I'm not including information on the LAN segment. You'll have to figure that one out on your own. It's almost like someone's handed you a clipboard of information about the infection, but it only contains blank pages.
Shown above: A clipboard with blank pieces of paper? That's no help at all!