Lab Description: When performing reverse engineering activities, it is often necessary to examine network communication to gain a better understanding of your target software. This lab focuses on analyzing application-layer protocols captured in PCAP files.
Lab Environment: Students will need to run the latest version of Wireshark to analyze the lab PCAP files.
Lab Files that are Needed: The PCAP files provided with this lab:
- dns.pcap
- http.pcap
- unk.pcap
Answer the Following Questions
The following network traffic was generated by a sample of CryptoLocker, which used a domain-generation algorithm (DGA). Provide detailed answers to the following questions, using dns.pcap for this section. Your goal is to understand which protocols this malware used and how it used them.
- What protocols did this malware use? List them and discuss the relevance of each one.
- How many DNS queries did this malware generate?
- What user-agent string did the malware use when making HTTP requests? What is the significance of this?
- This malware is attempting to establish a connection with a command-and-control node. Was it able to do so? Support your answer with specific evidence from the PCAP file.
The following network traffic was generated by a malicious Microsoft Word document used to gain an initial foothold on a system. Your goal is to analyze how the malware used application-layer protocols to further its attack. Use http.pcap for this section.
- What domain was used in this attack, and what IP address was returned for the query?
- What resource was requested by the malware? This is the first HTTP request that was made. What was provided in response?
The following network traffic used an application-layer protocol. Your goal is to understand what happened based on the network traffic. Use unk.pcap for this section.
- What protocol was captured in this PCAP?
- What port was used for this session?
- What was the username/password used to authenticate?
- What did the user do?
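The questions in all three sections (counting DNS queries and NXDOMAIN responses for the DGA section, pulling the User-Agent and Host out of the first HTTP request, and identifying the service port and any cleartext login in the unknown session) can be answered with Wireshark display filters, but it helps to see what those filters actually decode. The script below is an added example written for this page, not part of the lab materials, and it does not use the lab PCAP files: it constructs its own small capture in memory (one host performing DGA-style lookups, an HTTP GET, and an FTP login with the made-up credentials alice/hunter2) and then parses that capture with only the Python standard library. The "lowest port is the server port" rule and the USER/PASS matching are heuristics that fit FTP/POP3-style protocols; whether they apply to unk.pcap is something the student still has to verify in Wireshark.

```python
"""Offline PCAP triage: DNS queries/NXDOMAIN, HTTP User-Agent, service port, cleartext logins.
Added example with constructed traffic; not code from the lab or from any tool it references."""
import socket
import struct
from collections import Counter

PCAP_MAGIC = 0xA1B2C3D4  # classic little-endian libpcap, microsecond timestamps
LINKTYPE_ETHERNET = 1


def build_pcap(frames):
    """Wrap raw Ethernet frames in a libpcap file (only used to construct the sample)."""
    out = [struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)]
    for i, frame in enumerate(frames):
        out.append(struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame)
    return b"".join(out)


def read_pcap(data):
    """Yield the raw frames of a little-endian pcap file (timestamps ignored)."""
    if struct.unpack("<I", data[:4])[0] != PCAP_MAGIC:
        raise ValueError("not a little-endian pcap file")
    off = 24
    while off + 16 <= len(data):
        incl = struct.unpack("<IIII", data[off:off + 16])[2]  # incl_len
        off += 16
        yield data[off:off + incl]
        off += incl


def ip_frame(proto, src, dst, l4):
    """Ethernet II + IPv4 header; checksums are left zero, which an offline parser ignores."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4


def udp_frame(src, dst, sport, dport, payload):
    return ip_frame(17, src, dst, struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload)


def tcp_frame(src, dst, sport, dport, payload):
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)  # PSH|ACK, no options
    return ip_frame(6, src, dst, tcp + payload)


def dns_msg(tid, qname, rcode=None):
    """DNS query (rcode None) or a response carrying RCODE with no answer records."""
    flags = 0x0100 if rcode is None else 0x8180 | rcode  # RD, or QR|RD|RA + rcode
    q = b"".join(bytes([len(l)]) + l.encode("ascii") for l in qname.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", tid, flags, 1, 0, 0, 0) + q + struct.pack("!HH", 1, 1)  # A, IN


def parse_frame(frame):
    """Decode Ethernet/IPv4/{UDP,TCP}; anything else returns None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
    l4 = frame[14 + ihl:]
    sport, dport = struct.unpack("!HH", l4[:4])
    if proto == 17:
        payload = l4[8:]
    elif proto == 6:
        payload = l4[(l4[12] >> 4) * 4:]  # skip the TCP header incl. options
    else:
        return None
    return {"proto": proto, "src": socket.inet_ntoa(frame[26:30]), "dst": socket.inet_ntoa(frame[30:34]),
            "sport": sport, "dport": dport, "payload": payload}


def parse_dns(payload):
    """Header flags plus the first question name (question names carry no compression pointers)."""
    tid, flags = struct.unpack("!HH", payload[:4])
    off, labels = 12, []
    while payload[off]:
        n = payload[off]
        labels.append(payload[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return {"id": tid, "response": bool(flags & 0x8000), "rcode": flags & 0x0F, "qname": ".".join(labels)}


def triage(pcap_bytes):
    r = {"dns_queries": 0, "nxdomain": 0, "qnames": [], "user_agents": set(), "hosts": set(),
         "service_ports": Counter(), "plaintext_logins": []}
    for frame in read_pcap(pcap_bytes):
        pkt = parse_frame(frame)
        if pkt is None:
            continue
        if pkt["proto"] == 17 and 53 in (pkt["sport"], pkt["dport"]):
            d = parse_dns(pkt["payload"])
            if not d["response"]:
                r["dns_queries"] += 1
                r["qnames"].append(d["qname"])
            elif d["rcode"] == 3:  # NXDOMAIN: what unregistered DGA candidates come back as
                r["nxdomain"] += 1
        elif pkt["proto"] == 6 and pkt["payload"]:
            r["service_ports"][min(pkt["sport"], pkt["dport"])] += 1  # heuristic: server owns the low port
            text = pkt["payload"].decode("latin-1")
            if text.split(" ", 1)[0] in ("GET", "POST", "HEAD"):
                for line in text.split("\r\n")[1:]:
                    name, _, value = line.partition(":")
                    if name.lower() == "user-agent":
                        r["user_agents"].add(value.strip())
                    elif name.lower() == "host":
                        r["hosts"].add(value.strip())
            elif text.startswith(("USER ", "PASS ")):  # FTP/POP3-style cleartext login (assumption)
                r["plaintext_logins"].append(text.strip())
    return r


def build_sample():
    """Constructed traffic, not from the lab files: DGA-style lookups, one HTTP GET, one FTP login."""
    bot, dns, web, ftp = "10.0.0.5", "192.0.2.53", "192.0.2.80", "192.0.2.21"
    frames = []
    for tid, (name, rcode) in enumerate([("kxtpqzrwjvl.example", 3), ("ydbgmwfhoqs.example", 3), ("cdn.example", 0)]):
        frames.append(udp_frame(bot, dns, 40000 + tid, 53, dns_msg(tid, name)))
        frames.append(udp_frame(dns, bot, 53, 40000 + tid, dns_msg(tid, name, rcode)))
    get = b"GET /pay.exe HTTP/1.1\r\nHost: cdn.example\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1)\r\n\r\n"
    frames.append(tcp_frame(bot, web, 49152, 80, get))
    frames.append(tcp_frame(ftp, bot, 21, 49153, b"220 FTP ready\r\n"))
    frames.append(tcp_frame(bot, ftp, 49153, 21, b"USER alice\r\n"))
    frames.append(tcp_frame(bot, ftp, 49153, 21, b"PASS hunter2\r\n"))
    return build_pcap(frames)


def demo():
    return triage(build_sample())


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

To run it against a real capture, replace `build_sample()` with the bytes of the file (`triage(open("dns.pcap", "rb").read())`); the reader only handles little-endian pcap with Ethernet framing, so a pcapng file or a capture without an Ethernet link layer must first be converted. In Wireshark the same three checks are the display filters `dns.flags.response == 0` (queries), `dns.flags.rcode == 3` (NXDOMAIN answers) and `http.user_agent`, and the ratio of NXDOMAIN answers to queries is the first number to look at when deciding whether a DGA sample ever reached a live command-and-control node.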