
Trying to figure what type of attack this is

asked 2019-11-09 15:48:54 +0000

I have the file here. I am trying to figure out what type of attack this is! I believe it is a DDoS attack, but I am just not sure. Thanks.



The file name is Lab2 - NMAP-Scan.pcap. Is this a nmap scan file? Have you checked the nmap docs?

Chuckc (2019-11-09 16:18:45 +0000)

1 Answer


answered 2019-11-09 18:03:06 +0000

Chuckc

updated 2019-11-09 18:06:03 +0000

There is a nmap scan buried in the capture. Is that what you're looking for?
Work down through the Statistics menus.
Protocol Hierarchy - not very interesting for this capture
Conversations - will help to find a very large conversation that can be excluded from analysis
Also pay attention to the ports being accessed. Does this look like expected traffic?
Endpoints - who are the chatty nodes and what are they doing?
Good luck!
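
The triage described in the answer above (find the largest conversation, look at which ports are accessed, rank the chatty endpoints), as an added example that is not part of the original answer. The packet summaries are constructed rather than taken from the capture, and the function names and scan thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict

def build_sample():
    """Constructed packet summaries: (src, dst, dst_port, bytes). Not from the pcap."""
    pkts = []
    # One bulk transfer: many packets, one port (the "very large conversation").
    pkts += [("10.0.0.5", "10.0.0.20", 445, 1400)] * 500
    # One host touching many ports on one target with tiny packets (scan-like).
    pkts += [("10.0.0.66", "10.0.0.20", port, 60) for port in range(1, 201)]
    # Ordinary web traffic.
    pkts += [("10.0.0.7", "10.0.0.30", 443, 900)] * 40
    return pkts

def conversations(pkts):
    """Per (src, dst) pair: packet count, byte count, set of destination ports."""
    conv = defaultdict(lambda: {"packets": 0, "bytes": 0, "ports": set()})
    for src, dst, port, size in pkts:
        c = conv[(src, dst)]
        c["packets"] += 1
        c["bytes"] += size
        c["ports"].add(port)
    return dict(conv)

def largest_conversation(conv):
    """The pair carrying the most bytes, a candidate to filter out first."""
    return max(conv, key=lambda k: conv[k]["bytes"])

def scan_like(conv, min_ports=100, max_pkts_per_port=3):
    """Pairs where one source touches many ports with few packets each.
    Both thresholds are assumed values, to be tuned per network."""
    hits = []
    for pair, c in conv.items():
        per_port = c["packets"] / len(c["ports"])
        if len(c["ports"]) >= min_ports and per_port <= max_pkts_per_port:
            hits.append(pair)
    return sorted(hits)

def endpoints(pkts):
    """Packets sent per source address, busiest first."""
    sent = defaultdict(int)
    for src, _dst, _port, _size in pkts:
        sent[src] += 1
    return sorted(sent.items(), key=lambda kv: kv[1], reverse=True)

if __name__ == "__main__":
    sample = build_sample()
    conv = conversations(sample)
    print("largest conversation:", largest_conversation(conv))
    print("scan-like pairs:", scan_like(conv))
    print("endpoints:", endpoints(sample))
```

The bulk transfer dominates by bytes but uses a single port, while the scan-like pair is small in volume and only stands out once the distinct destination ports are counted.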
