Network forensics workshop


1. Download the dump file

2. Hash the file

3. Using tcpxtract, recover the files (categorised), OR

4. Using NetworkMiner, try to recover the files and other information from the dump.

Now take any 2 of the extracted files, place them within as accurate a timeline as you can determine, and analyse the source of these files as well as any surrounding activity that might be relevant.

Examples of information that you may gather: open TCP ports, number of packets received for a given session associated with the extracted file(s), host type, which sessions prompted for usernames and passwords, etc.
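One way to cross-check the tool output for step 2 and the session details listed above, as an added example that is not part of the original task description: it hashes the capture, then reports per-session packet counts, first and last timestamps, and ports that answered with SYN+ACK. It assumes a classic little-endian pcap of Ethernet/IPv4/TCP frames; the function names, addresses and sample capture are constructed for illustration.

```python
import hashlib, socket, struct
from collections import defaultdict

def sha256_hex(data: bytes) -> str:
    # Hash the capture before any tool touches it; quote the digest in the report.
    return hashlib.sha256(data).hexdigest()

def summarise(pcap: bytes):
    """Return (sessions, open_ports) for a classic pcap of Ethernet/IPv4/TCP frames."""
    magic, linktype = struct.unpack_from("<I", pcap, 0) + struct.unpack_from("<I", pcap, 20)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian pcap with Ethernet link type")
    sessions, open_ports, off = defaultdict(lambda: {"packets": 0}), set(), 24
    while off + 16 <= len(pcap):
        sec, usec, incl, _ = struct.unpack_from("<IIII", pcap, off)
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # not IPv4 carrying TCP
        tcp = 14 + (frame[14] & 0x0F) * 4  # TCP header starts after the IP header
        if len(frame) < tcp + 14:
            continue  # truncated TCP header
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport, dport = struct.unpack_from("!HH", frame, tcp)
        # Key both directions of a conversation to the same session.
        s = sessions[tuple(sorted([(src, sport), (dst, dport)]))]
        s["packets"] += 1
        s.setdefault("first", sec + usec / 1e6)  # timeline anchor (epoch seconds)
        s["last"] = sec + usec / 1e6
        if (frame[tcp + 13] & 0x12) == 0x12:  # SYN+ACK: sender accepted a connection
            open_ports.add((src, sport))
    return dict(sessions), open_ports

def make_frame(src, dst, sport, dport, flags):
    # Constructed frame: Ethernet + IPv4 + TCP headers, no payload, checksums zero.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap() -> bytes:
    # Constructed capture: a handshake to port 80, then a refused probe to port 23.
    a, b = "10.0.0.5", "10.0.0.9"
    pkts = [(1000, make_frame(a, b, 40000, 80, 0x02)), (1000, make_frame(b, a, 80, 40000, 0x12)),
            (1001, make_frame(a, b, 40000, 80, 0x10)), (1005, make_frame(a, b, 40001, 23, 0x02)),
            (1005, make_frame(b, a, 23, 40001, 0x14))]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, f in pkts:
        out += struct.pack("<IIII", sec, 0, len(f), len(f)) + f
    return out
```

For the real dump, read the file in binary mode and pass its bytes to `sha256_hex` and `summarise`; pcapng captures need converting to classic pcap first.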

This assessable should be presented in the form of a short report (< 1500 words

Skills: Electronics, Engineering, DIY, Network Administration, Technical Writing

About the employer:
(179 reviews) Karachi, Pakistan

Project ID: #8507929