Work has to be done with Wireshark. You have been given a network capture file and you have to:
1) Look at the Protocol Hierarchy Statistics (Statistics > Protocol Hierarchy).
2) Find out what the actual HTTP requests were. You will need to save all of the HTTP objects from the pcap file.
3) Look at the uncompressed body of the first GET request’s response (Packet No 15). You will see that it contains a directory listing containing a few files. A number of these files listed in the directory listing are subsequently downloaded. What are they called?
4) Extract the downloaded files from this pcap using Wireshark's export object feature (File > Export Objects > HTTP) and save all of the files.
5) Now examine their contents and see if you can identify the flag in the EXIF comment of the 9996296a1ea2320620b1e7188d4c44a2 file.
6) Write a short report giving an overview of the steps you took, and the findings for each of the 5 sections above.
as well as:
1) Analyse the network capture file.
2) Identify the file transferred.
3) This should be a disk image. You need to recover the suspect's disk image.
4) Try to identify traffic that belongs to IRC chat between employee and badguy.
5) Write a report that details how you performed the analysis to identify the evidence required.
a. You should show the filters you used to extract the information.
b. The report should include screen captures showing the results of your investigation.
Summarise everything in a short report with screenshots on each step.
6 freelancers are bidding an average of £130 for this job
Hello, I'm a Network Engineer, System Admin, and Security expert and I would like to work on your project. I'm an experienced Wireshark protocol analyst and I would like to do your job. Hire me.
I have experience in Wireshark [login to view URL] you ping me I can show my work. And the task you have shared I can [login to view URL] me know what do you think.