1 ) Open the provided capture file using any SimSpace tools you see fit Use Network Miner and Wireshark on any Win Hunt VM and SNORT on any Win Hunt VM 2 ) Perform an analysis on the captured traffic Some things you should consider are the following ( not all of these happened and may not be all inclusive either ) a How long did the session capture last b How many packets were captured c How many bytes were captured d What protocols were observed e When did the bulk of the data get transmitted f What caused this transmission spike g Were any Internet Service Provider sites were accessed If so which ones What accounts h What is the name of the host computer It s IP address i What Operating system is it using j What does the local network look like k What device names are on the local network l Did I access any other computers on the local area network m Are any other devices on the network 3 ) What story does the capture file tell 4 ) Run the capture file through SNORT What if any alerts are triggered

The Answer is in the image, click to view ...

Question: 1 ) Open the provided capture file using any SimSpace tools you see fit. Use Network Miner and Wireshark on any Win - Hunt VM

1)

Open the provided capture file using any SimSpace tools you see fit. Use Network Miner and Wireshark on

any Win

-

Hunt VM and SNORT on any Win

-

Hunt VM

.

2)

Perform an analysis on the captured traffic. Some things you should consider are the following

(

not all of

these happened and may not be all inclusive either

)

.

How long did the session capture last?

.

How many packets were captured?

.

How many bytes were captured?

.

What protocols were observed?

.

When did the bulk of the data get transmitted?

.

What caused this transmission spike?

.

Were any Internet Service Provider sites were accessed? If so which ones? What accounts?

.

What is the name of the host computer? It

s IP address?

.

What Operating system is it using?

.

What does the local network look like?

.

What device names are on the local network?

.

Did I access any other computers on the local area network?

.

Are any other devices on the network?

3)

What

story

does the capture file tell?

4)

Run the capture file through SNORT. What if any alerts are triggered?

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Programming Questions!

I believe my home network has had a significant event ( s ) . I only use my network for internet access so I can access my Internet Service Provider ( ISP ) to read email. I am not sure whether this...

1) Open the provided capture file using any SimSpace tools you see fit. As a minimum use Network Miner on any kali-Hunt VM and SNORT on any Win-Hunt VM. 2) Perform an analysis on the captured...

PLEASE ANWSER ALL 16 QUESTIONS Open a terminal window by right-clicking on your VMs desktop and select Open Terminal. 3. Start wireshark. Do this by issuing the command sudo wireshark in your...

PART I 1. Start your INF 284 Ubuntu VM and log in as student. The password is cit247. 2. Open a terminal window by right-clicking on your VMs desktop and select Open Terminal. 3. Start wireshark. Do...

INTRODUCING THE WIRESHARK NETWORK ANALYZER 1.1. Work description When diagnosing network problems and studying the behavior of network applications, traffic analysis data is an invaluable source of...

Lab 1 Objective To acquaint you with the Intrusion Detection Tools through an interactive session on the virtual machines that were presented in class, Mandiant Flare, and Kali Linux environment. You...

Hands-on Lab: Using Security Onion 2.3, CyberChef, and OSINT Whitman and Mattord, Principles of Incident Response and Disaster Recovery, Third Edition, 2022, 978-0-357-508329; Module 5: Incident...

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

Averell Cabinetry Case Overview This case is presented as close as possible to the way you may encounter it in working life. Your role is that of a newly hired HR manager. You will learn about the...

Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...

The hospitality industry is competitive and businesses need to keep up with the latest hospitality trends to avoid being left behind. Additionally, keeping pace with the industry as a whole is a...

Draw the structures of all compounds with the formula C6H12C12 that can exist as meso compounds. Indicate how many meso compounds are possible for each structure.

A list of all accounts used by a company, including the identification number assigned to each account, is called a Question 29Select one: a. journal b. trial balance c. general journal d. chart of...

Northwest Utility Company faces increasing needs for capital. Fortunately, it has an Aa3 credit rating. The corporate tax rate is 35 percent. Northwest's treasurer is trying to determine the...