First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Trying to figure what type of attack this is

I have the file here https://drive.google.com/drive/folder... I am trying to figure what type of attack this is! I believe it is a DDOS attack but I am just not sure. Thanks.

DHonululu's avatar
1
DHonululu
asked 2019-11-09 15:48:54 +0000
edit flag offensive 0 remove flag close merge delete

Comments

The file name is Lab2 - NMAP-Scan.pcap. Is this a nmap scan file? Have you checked the nmap docs?
https://nmap.org/book/toc.html

Chuckc's avatar Chuckc (2019-11-09 16:18:45 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

There is a nmap scan buried in the capture. Is that what you're looking for?
Work down through the Statistics menus.
Protocol Hierarchy - not very interesting for this capture
Conversations - will help to find a very large conversation that can be excluded from analysis
Also pay attention to the ports being accessed. Does this look like expected traffic?
Endpoints - who are the chatty nodes and what are they doing?
Good luck!

Chuckc's avatar
3k
Chuckc
answered 2019-11-09 18:03:06 +0000, updated 2019-11-09 18:06:03 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer