Monthly Archives: January 2016

2016-01-07 – TRAFFIC ANALYSIS EXERCISE – ALERTS ON 3 DIFFERENT HOSTS

Posted on January 14, 2016 by pcsxcetrasupport3

SCENARIO: You are working as an analyst reviewing suspicious network events at your organization’s Security Operations Center (SOC). Things have been quiet for a while. However, you notice several alerts occur within minutes of each other on 3 separate hosts. … Continue reading →

Posted in Malware, Networking, security | Tagged Malware Analysis, Networking | 1 Comment

Wireshark and TShark Timestamps

Posted on January 10, 2016 by pcsxcetrasupport3

I am currently working on the latest Malware traffic analysis exercise located here Titled “2016-01-07 – TRAFFIC ANALYSIS EXERCISE – ALERTS ON 3 DIFFERENT HOSTS” I used the command line to run TShark with this command to extract just the … Continue reading →

Posted in Networking, security, System Tools | Tagged Timestamps, Tshark, Wireshark | 1 Comment

A little more on Wireshark and Pcap time stamps

Posted on January 3, 2016 by pcsxcetrasupport3

In my last post I talked about getting a unique list of User-Agent strings and as a bonus I discovered that you can travel back and forth from Wireshark to a hex editor and back using the time stamps. In … Continue reading →

Posted in Networking, security, System Tools | Tagged Hex editor, Networking, Pcap, Wireshark | 1 Comment

	Name on Pealing back the layers of a b…
	Week 21 – 2022… on Pealing back the layers of a b…
	Week 50 – 2021… on Peeling away the layers of obf…
	Week 47 – 2021… on Excel 4 macro code obfusc…
	Week 31 – 2021… on A deeper look at Office docume…

Monthly Archives: January 2016

2016-01-07 – TRAFFIC ANALYSIS EXERCISE – ALERTS ON 3 DIFFERENT HOSTS

Wireshark and TShark Timestamps

A little more on Wireshark and Pcap time stamps

Recent Posts

Recent Comments

Archives

Categories

Meta