Malware:ITX8060:2013:Lab2

Allikas: Lambda

LAB2

Download


Enisa Pcap - found in Enisa exercise image

Enisa Network Forensic Exercise pointers

Use last number from your student code

Pcap1 EVEN

Pcap2 ODD including 0



Assignment

understand wich files are downloaded is it a Malware ?

Where from files are downloaded

Any C&C or P2P connection data .

Timeline !

Snort or Suricata rule do detect.

How you did your assigment wich tools to whom you consulted and so on ..  ?



Additional hints

http://www.forensicswiki.org/wiki/Network_forensics

http://www.forensicswiki.org/wiki/Tools:Network_Forensics

Pärit leheküljelt "http://lambda.ee/w/index.php?title=Malware:ITX8060:2013:Lab2&oldid=11072"