Part 1 - Packet Analysis Challenge

Part A:  Preparation

  1. Copy the evidence.pcap file into the root folder of Kali
  2. Determine the MD5 hash value of the file to check its data integrity (i.e. that you have downloaded the full file and no one has altered it). Compute the 128-bit MD5 hash of the evidence.pcap file using the md5sum tool in Kali.

#md5sum evidence.pcap

Verify that the MD5 sum is d187d77e18c84f6d72f5845edca833f5

Part B:  Using tcpdump

  1. Use tcpdump to determine whether the traffic in evidence.pcap uses IPv4 or IPv6. How can you tell?

Hint:  #tcpdump -X -r evidence.pcap

Part C:  Using Wireshark to gather Statistics

Open the evidence.pcap file in Wireshark

  1. How many total packets were captured?

Hint:  Statistics → Summary
Or Statistics → Capture File Properties

  2. How many total bytes were captured?
  3. How much time elapsed from when the first packet was captured until the last packet was captured?
  4. List the 13 IP addresses that either sent or received packets as a part of this packet capture. (Hint:  Summary → Endpoints)
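As an added example (not part of the lab sheet, and not the md5sum/tcpdump/Wireshark workflow itself), the following Python script reproduces the checks of Parts A, B and C programmatically: it computes a file's MD5 and compares it with an expected digest, parses a classic libpcap file with the standard struct module, tells IPv4 from IPv6 by the EtherType and the version nibble of the IP header (the same two fields you can read off a tcpdump -X hex dump), and computes packet count, total bytes, elapsed time and the list of endpoints. The capture it analyzes is a constructed three-frame sample written to a temporary file; it is not evidence.pcap, so its hash will not equal d187d77e18c84f6d72f5845edca833f5. Point analyze_file at the real file to get the exercise's answers.

```python
import hashlib
import ipaddress
import struct
import tempfile

# libpcap magic numbers -> (byte order, divisor for the timestamp fraction: usec or nsec)
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 1_000_000),
    b"\xa1\xb2\xc3\xd4": (">", 1_000_000),
    b"\x4d\x3c\xb2\xa1": ("<", 1_000_000_000),
    b"\xa1\xb2\x3c\x4d": (">", 1_000_000_000),
}
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4, ETHERTYPE_IPV6, ETHERTYPE_VLAN = 0x0800, 0x86DD, 0x8100


def file_md5(path):
    """MD5 of a file read in chunks; prints the same digest md5sum does."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_md5(path, expected):
    """True when the file's digest matches the published one (case-insensitive)."""
    return file_md5(path) == expected.strip().lower()


def parse_pcap(data):
    """Parse classic libpcap bytes into (timestamp, caplen, origlen, frame) records."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    if data[:4] not in PCAP_MAGICS:
        raise ValueError("not a libpcap (pcap) file; pcapng is not handled here")
    endian, divisor = PCAP_MAGICS[data[:4]]
    linktype = struct.unpack(endian + "IHHiIII", data[:24])[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    records, off = [], 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header")
        sec, frac, caplen, origlen = struct.unpack(endian + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + caplen]
        if len(frame) != caplen:  # an incomplete download ends exactly like this
            raise ValueError("truncated packet record")
        records.append((sec + frac / divisor, caplen, origlen, frame))
        off += 16 + caplen
    return records


def ip_endpoints(frame):
    """(version, src, dst) for an Ethernet frame carrying IP, else None.
    EtherType 0x0800/0x86DD and the first nibble of the IP header (4/6) answer Part B."""
    if len(frame) < 14:
        return None
    ethertype, off = struct.unpack("!H", frame[12:14])[0], 14
    if ethertype == ETHERTYPE_VLAN and len(frame) >= 18:  # step over one 802.1Q tag
        ethertype, off = struct.unpack("!H", frame[16:18])[0], 18
    addr = lambda b: str(ipaddress.ip_address(b))
    if ethertype == ETHERTYPE_IPV4 and len(frame) >= off + 20 and frame[off] >> 4 == 4:
        return 4, addr(frame[off + 12:off + 16]), addr(frame[off + 16:off + 20])
    if ethertype == ETHERTYPE_IPV6 and len(frame) >= off + 40 and frame[off] >> 4 == 6:
        return 6, addr(frame[off + 8:off + 24]), addr(frame[off + 24:off + 40])
    return None


def summarize(records):
    """The Part C figures: packets, bytes, elapsed seconds, per-version counts, endpoints."""
    stats = {"packets": len(records), "bytes": sum(r[1] for r in records),
             "elapsed": records[-1][0] - records[0][0] if records else 0.0,
             "ipv4": 0, "ipv6": 0, "endpoints": []}
    hosts = set()
    for _, _, _, frame in records:
        info = ip_endpoints(frame)
        if info:
            stats["ipv4" if info[0] == 4 else "ipv6"] += 1
            hosts.update(info[1:])
    # IPv4 and IPv6 address objects refuse to compare with each other, so sort by (version, address)
    stats["endpoints"] = sorted(hosts, key=lambda h: (ipaddress.ip_address(h).version, ipaddress.ip_address(h)))
    return stats


def analyze_file(path):
    """Hash plus statistics for one capture file, e.g. analyze_file('evidence.pcap')."""
    with open(path, "rb") as f:
        data = f.read()
    return {"md5": hashlib.md5(data).hexdigest(), **summarize(parse_pcap(data))}


# ---- constructed sample capture (NOT evidence.pcap): two IPv4 frames and one IPv6 frame ----
def _eth(ethertype, payload):
    return b"\x02\x00\x00\x00\x00\x01" + b"\x02\x00\x00\x00\x00\x02" + struct.pack("!H", ethertype) + payload

def _ipv4(src, dst):  # minimal 20-byte header, protocol 1, no payload
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 1, 0,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)

def _ipv6(src, dst):  # minimal 40-byte header, next header 59 (no next header)
    return struct.pack("!IHBB16s16s", 0x60000000, 0, 59, 64,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)

def build_sample_pcap():
    frames = [(1, 0, _eth(ETHERTYPE_IPV4, _ipv4("192.168.1.10", "10.0.0.5"))),
              (1, 250000, _eth(ETHERTYPE_IPV4, _ipv4("10.0.0.5", "192.168.1.10"))),
              (3, 500000, _eth(ETHERTYPE_IPV6, _ipv6("fe80::1", "fe80::2")))]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for sec, usec, frame in frames:
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

def write_sample_capture():
    """Write the constructed capture to a temporary .pcap file and return its path."""
    with tempfile.NamedTemporaryFile(suffix=".pcap", delete=False) as f:
        f.write(build_sample_pcap())
        return f.name


if __name__ == "__main__":
    print(analyze_file(write_sample_capture()))
```

The "bytes" figure sums the captured lengths (caplen), which is what Wireshark's Capture File Properties reports as Bytes, and "elapsed" is last-packet time minus first-packet time, matching its Time span. The parser deliberately rejects pcapng, the format Wireshark saves to by default, so a ValueError on a real file usually means the capture was re-saved rather than that it is corrupt; an md5 mismatch, by contrast, means the file is not the one the exercise expects.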