Honeynet's Forensics challenge

dbest

Jr. Member

Posts: 79

Joined: Thu Jun 23, 2011 1:14 pm

Post Mon Mar 26, 2012 2:41 am

Honeynet's Forensics challenge

The 11th challenge in the series is out.
https://honeynet.org/node/829

Deadline is May 31st.

I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.
CISM, CEH, CISA, ISO 27001 LA
lorddicranius

Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Mon Mar 26, 2012 5:22 pm

Re: Honeynet's Forensics challenge

Cool stuff, thanks for sharing!  I've never heard of these challenges before.  I like that they keep the old challenges up, I'm gonna work my way through those too!
GSEC, eCPPT, Sec+
Triban

Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Tue Mar 27, 2012 8:28 am

Re: Honeynet's Forensics challenge

I saw this last week, site looked fun so certainly added it to the favorites.  I was trying to dig down for some "easy" challenges to start on. 
Certs: GCWN
(@)Dewser
sil

Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Tue Mar 27, 2012 10:20 am

Re: Honeynet's Forensics challenge

L'autre Endroit Cellule ... All I'm saying  ;)
sil

Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Tue Mar 27, 2012 10:40 am

Re: Honeynet's Forensics challenge

dbest wrote:The 11th challenge in the series is out.
https://honeynet.org/node/829

Deadline is May 31st.

I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.





Open up the capture in Wireshark, right click on the first packet and select Follow TCP stream. In the drop down, select the second option, (181875 bytes), save that as a file named "output". If you're on Linux, type: file output to find out what kind of file it is and go from there.
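
The step described in the post above (pull one direction of the TCP conversation out of the capture, then identify the saved bytes by type), as an added example that is not part of the original thread or the challenge. It assumes a classic little-endian pcap with Ethernet/IPv4 framing; the sample capture, addresses, ports and the short signature list are constructed for illustration.

```python
import struct
from collections import defaultdict

# A few leading-byte signatures of the kind `file` keys on (illustrative subset).
MAGIC = [(b"\x89PNG\r\n\x1a\n", "PNG image"), (b"%PDF-", "PDF document"),
         (b"PK\x03\x04", "Zip archive"), (b"\x1f\x8b", "gzip data"),
         (b"\x7fELF", "ELF binary"), (b"MZ", "DOS/PE executable")]

def tcp_streams(pcap: bytes) -> dict:
    """Map (src_ip, sport, dst_ip, dport) -> payload for each direction of each TCP stream."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    segs, off = defaultdict(dict), 24              # skip 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                               # keep IPv4/TCP frames only
        tcp = 14 + (frame[14] & 0x0F) * 4          # IP header length varies
        if len(frame) < tcp + 20:
            continue                               # truncated TCP header
        total_len = struct.unpack_from("!H", frame, 16)[0]
        sport, dport, seq = struct.unpack_from("!HHI", frame, tcp)
        data = frame[tcp + (frame[tcp + 12] >> 4) * 4: 14 + total_len]
        if data:                                   # first copy wins on retransmit
            segs[frame[26:30], sport, frame[30:34], dport].setdefault(seq, data)
    # Join in sequence order; ignores 32-bit wraparound and partial overlaps.
    return {k: b"".join(v[s] for s in sorted(v)) for k, v in segs.items()}

def identify(blob: bytes) -> str:
    return next((n for m, n in MAGIC if blob.startswith(m)), "unknown data")

def frame_record(seq: int, payload: bytes, sport: int, dport: int) -> bytes:
    # Builds one pcap record (Ethernet + IPv4 + TCP) for the constructed sample.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02")
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 0x50, 0x18, 8192, 0, 0)
    eth = b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
    return struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth

# Constructed capture: a short request, then a reply whose segments arrive out of order.
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
          + frame_record(1, b"hello\n", 49152, 9000)
          + frame_record(1004, b"\r\n\x1a\nsample-body", 9000, 49152)
          + frame_record(1000, b"\x89PNG", 9000, 49152))

if __name__ == "__main__":
    for key, data in sorted(tcp_streams(SAMPLE).items(), key=lambda kv: -len(kv[1])):
        print(f"{key[1]} -> {key[3]}: {len(data)} bytes, {identify(data)}")
```

The per-direction byte counts it prints correspond to the sizes shown in Wireshark's Follow TCP Stream drop-down, which is how the larger direction is picked out before saving.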
dbest

Jr. Member

Posts: 79

Joined: Thu Jun 23, 2011 1:14 pm

Post Wed Mar 28, 2012 12:14 pm

Re: Honeynet's Forensics challenge

sil wrote:
dbest wrote:The 11th challenge in the series is out.
https://honeynet.org/node/829

Deadline is May 31st.

I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.

Open up the capture in Wireshark, right click on the first packet and select Follow TCP stream. In the drop down, select the second option, (181875 bytes), save that as a file named "output". If you're on Linux, type: file output to find out what kind of file it is and go from there.

Thanks for the hint... time to investigate further.

Oh and I loved the scan of the month challenges. :)
CISM, CEH, CISA, ISO 27001 LA
