2020 EUROPEAN CYBER SECURITY CHALLENGE

3-7 November 2020

Vienna, Austria

PCAP

Event: ECSC2019
Tags: Network traffic, Log analysis
Difficulty: Medium
Additional Info:
Description: As a member of a computer network administration team, you received a network traffic file recording a client-server communication. Your task is to analyse it and determine whether it contains any sensitive information.
Other artefacts:
Tasks

Task 1: How do you filter for packets coming from 192.168.10.10/25 and sent to Aruba devices in Wireshark?

Task 2: Which display filter is used to display all DHCP traffic?

Task 3: How do you quickly spot large gaps in time between packets in a trace file containing 10,000 packets?
Choose the correct answer:
1. Set the Time column to Seconds Since Epoch and scroll through the trace file
2. Open and examine the Notes section of Wireshark's Expert infos window
3. Set the Time column to Seconds Since Previously Displayed Packet and sort the Time column

Task 4: Which of these filters can be used as either a capture or display filter?
Choose the correct answer:
1. dns
2. udp
3. dhcp

Task 5: What is the sensitive information involved in the pcap file?