2015-02-15 - TRAFFIC ANALYSIS EXERCISE: ADDING ALERT INFORMATION TO THE REPORT

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

PCAP:

• 2015-02-15-traffic-analysis-exercise.pcap.zip   1.3 MB (1,284,313 bytes)

 

WITH THOSE ALERTS, YOU FINISH THE REPORT

Here's what you should've found when looking at the pcap.

 

Congratulations!  You're finished, and you can move on to other alerts and investigations!

 

IF YOU ARE STILL NOT SATISFIED

Still not 100 percent satisfied, are you?  People at your UK location find the victim's computer (a Dell desktop) and perform some forensics.  They send you a zip archive of some suspicious files they found on the computer.

• Click here to get the additional files.

 

Click here to exit this exercise and return to the main page.