Packet Capture of Windows XP System: WinXPTrace R1.pcapng
Use the packet capture to answer the following:
What two IPv4 addresses are the biggest talkers in terms of bytes sent and received? Format: firstIPaddress,secondIPaddress
How many total bytes were captured in the conversation?
For that ‘biggest talker’ conversation, what TCP destination port was predominantly used for the lower IPv4 address?
What protocol uses this port?
For that ‘biggest talker’ conversation, what is the predominant TCP source port used for the lower IPv4 address?
What is the top TCP protocol (in terms of Total Bytes) in the WinXP file?
What is the second?
Based on the above information, what WinXP attack/exploit might have been used?
CHALLENGE QUESTIONS
What Hack Tool do you suspect was used to perform this attack?
What is the SHA-256 Sum of the portable executable launched to gain access to the victim?