Malware Traffic blog has a lot of knowledge, so I highly recommend bookmarking it somewhere. The real treasure is of course the amazing exercises page. Depending on the exercise, you get a pcap and other files. The pcap file is a traffic capture which we can analyse in Wireshark to find out where things went wrong!

Being able to effectively analyse traffic is a very important skill for the security of any organisation. It helps the security team to find out where the problem happened and how to mitigate it.

Today, I'll start with the exercise " - TRAFFIC ANALYSIS EXERCISE". The writeup will be about the level 1 and level 2 questions this time:

What is the IP address of the Windows VM that gets infected?
What is the host name of the Windows VM that gets infected?
What is the MAC address of the infected VM?
What is the IP address of the compromised web site?
What is the domain name of the compromised web site?