Then the packets captured were analysed using Wireshark.Īlso, the screenshot for tcp analysis so as to determine the status of ports is given below: The screenshot of company’s website is given below:Ĭlearly from the screenshot, it is seen that the website address is and the IP address is 192.168.123.50įor performing, the deep packet analysis, the company’s web address was analysed using the ping command in kali Linux, and then the packets were captured using Wireshark. Include relevant screenshots from Part 1 and Part 2 to support your findings.ĪPA style is not required, but solid academic writing is expected.įor completing this assignment company named Namaste Taste was chosen for performing traffic analysis using Kali Linux Wireshark and Vulnerability analysis using Kali Linux.
Part 1 and Part 2 of the threat hunting exercise identify components that are necessary for the SOC.Evaluate common threat hunting concepts, approaches, and tools.Explain how a SOC analyst can leverage use cases for threat hunting programs while building hunt missions for an organization.Define the goals and responsibilities of a cyber threat hunting team and articulate its value to an organization.This will be the Threat Hunting section in the IT Proposal. Add screenshots and explanation of threat hunting analysis to a Word document.Identify and describe the structure of the log file.Provide an output with the number of lines in the chosen log file.You should be able to navigate to log files on any of the VMs within the SOC-in-a-box infrastructure, including the intrusion detection system (IDS). Use Kali Linux and a command line terminal to access two log files to form a threat hunting scenario. Observe at least three Wireshark captures for analysis.Look at the I/O graphic in a bar-graph format.
Use Kali Linux Wireshark to perform a deep packet analysis of the traffic on the SOC-in-box infrastructure.
0 kommentar(er)
