Analysing pcap

asked 2020-09-28 18:08:24 +0000

Z_to_the_Z

I have two pcap files and I am trying to find out how I can find the following information from the network traffic. What should I be filtering the data for? I was looking at commands, but it didn't show anything specific, just that help commands were used.

  • BWE assets appear to have been active during the time of the power outage incident
  • What method/socket do you think could have been used in capturing passwords from one of the assets?
  • At what time was the first command sent to switch off circuit and from which BWE asset?

Comments

Is this a lab exercise where the pcaps can be shared or a real world network?
If a production network, can the pcaps be anonymized and shared?

Chuckc ( 2020-09-28 19:28:28 +0000 )

Sounds like a homework exercise.

Philst ( 2020-10-01 06:35:46 +0000 )