archive
Tag: wireshark

2016/03/29

Network Forensics – Round 7: Ann’s Dark Tangent

Network Forensics – Round 7: Ann’s Dark Tangent The Puzzle: Ann’s Dark Tangent (DEFCON 2010) Ann has arranged a rendezvous with Dark Tangent. You are the forensic investigator. Can you figure out their destination? Again for this challenge I utilized the same tools as the other rounds to accomplish the above tasks. There are always[…]

2015/10/12

Network Forensics – Round 6: Ann’s Aurora

:Network Forensics – Round 6: Ann’s Aurora: The puzzle: Ann’s Aurora Ann Dercover is after SaucyCorp’s Secret Sauce recipe. She’s been trailing the lead developer, Vick Timmes, to figure out how she can remotely access SaucyCorp’s servers. One night, while conducting reconnaissance, she sees him log into his laptop (10.10.10.70) and VPN into SaucyCorp’s headquarters.[…]

2015/09/01

Network Forensics – Round 5: Ms. Moneymany’s Mysterious Malware

:Network Forensics – Round 5: Ms. Moneymany’s Mysterious Malware: The puzzle: It was a morning ritual. Ms. Moneymany sipped her coffee as she quickly went through the email that arrived during the night. One of the messages caught her eye, because it was clearly spam that somehow got past the email filter. The message extolled[…]

2015/07/21

Network Forensics – Round 4: The Curious Mr. X

by DFIRninja
Categories: Analysis, Network Forensics
Tags: , ,
Comments: 1 Comment

Network Forensics – Round 4: The Curious Mr. X Round 4! Below is the scenario for round 4 in the Network Forensics Challenge Series: While a fugitive in Mexico, Mr. X remotely infiltrates the Arctic Nuclear Fusion Research Facility’s (ANFRF) lab subnet over the Interwebs. Virtually inside the facility (pivoting through a compromised system), he conducts some noisy[…]

2015/05/05

Network Forensics – Round 3: Ann’s Apple TV

by DFIRninja
Categories: Analysis, Network Forensics
Tags: , ,
Comments: 1 Comment

: Network Forensics Round 3! : Ann’s Apple TV Below is the scenario for round 3 in the network forensic challenge series: Ann and Mr. X have set up their new base of operations. While waiting for the extradition paperwork to go through, you and your team of investigators covertly monitor her activity. Recently, Ann[…]

2015/04/20

Network Forensics – Round 2: Ann Skips Bail

by DFIRninja
Categories: Analysis, Network Forensics
Tags: , ,
Comments: Leave a Comment

: Network Forensics – Round 2 : The second puzzle in the network forensic challenge series. Below is the background on the scenario: After being released on bail, Ann Dercover disappears! Fortunately, investigators were carefully monitoring her network activity before she skipped town. “We believe Ann may have communicated with her secret lover, Mr. X,[…]

2015/03/11

Network Forensics – Round 1: Ann’s Bad AIM

by DFIRninja
Categories: Analysis, Network Forensics
Tags: , ,
Comments: 5 Comments

I recently came across one of the old DefCon puzzle challenges from back in 2009. I hadn’t done this challenge before so I decided to give it a shot. This is the first of a series of network forensic challenges. Below is the background on the challenge: Puzzle #1: Ann’s Bad AIM Anarchy-R-Us, Inc. suspects[…]


Today is Monday
2017/10/23