Posts

Featured

Analyze a DDoS Attack

Correct answer: There are multiple source addresses for the SYN packets with the destination address 128.28.1.1.

Complete this lab as follows:

1. From the Favorites bar, open Wireshark.
2. Under Capture, select enp2s0.
3. From the menu, select the blue fin to begin the capture.
4. In the Apply a display filter field, type tcp.flags.syn==1 and tcp.flags.ack==1 and press Enter to filter the Wireshark display to only those packets with both the SYN flag and ACK flag. You may have to wait several seconds before any SYN-ACK packets are captured and displayed.
5. Select the red square to stop the capture.
6. In the Apply a display filter field, change the tcp.flags.ack ending from 1 to 0 and press Enter to filter the Wireshark display to packets with only the SYN flag.
7. Notice that there is a flood of SYN packets being sent to 128.28.1.1 (www.corpnet.xyz) that were not being acknowledged.
8. In the top right, select...

Latest Posts

Perform a DoS Attack

Lab 10.3.6 Perform and Analyze a SYN Flood Attack [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

Lab 10.2.11 Hijack a Web Session [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

Lab 10.2.6 Perform a Man-in-the-Middle DHCP Attack [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

Lab 10.1.12 Analyze Email Traffic for Sensitive Data [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

Lab 10.1.11 Filter and Analyze Traffic with Wireshark Data [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

Poison DNS

Lab 10.1.8 Poison ARP and Analyze with Wireshark [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

Lab 10.1.6 Spoof MAC Addresses with SMAC [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3] CompTIA