Second Challenge: Post Network Security Analysis $($Attack $-$forensics$)$:

$>$ Setup: Snort, Sguil, Squert and Wireshark.

$>$ Task$3$: analyze and investigate all three PCAP files in a post processing mode using Squert and Wireshark, define the type of attack and perform detailed time series analysis of each attack.

$\backslash (\backslash$checkmark $\backslash )$ Task $3\mathrm{.}1$: Investigate the provided $.$pcap files containing traffic from a suspected

$\backslash (\backslash$checkmark $\backslash )$ Task $3\mathrm{.}2$: Use Squert to detect any anomalies in the traffic captures.

Notes: You need to report and discuss the following:

$1.$ Show all steps, commands and output screens.

$2.$ Show how Snort, Squert and Wireshark is used to identify and investigate the attacks.

$3.$ All triggered Snort alerts with description.

$4.$ Perform a detailed time series analysis in Wireshark for the timeline of the attack. Assignment Deliverables:

$\backslash (>\backslash )$ Technical report of your work solving challenge $1$ and $2,$ this report should describe all steps that you have done to solve this assignment with screen shots of your demonstration.

Discuss your work live during an online session with your lecturer.

Simulation Setup should be ready all times.