Trace Files Available 1

[mpennac]

Based on numerous requests for example trace files, I am starting to develop a library of examples out on my website. Each trace file includes the .ENC file that contains the trace and two other .PDF files. One of the .PDF files contains a set of questions that can be answered based on the contents of the trace file. The other contains the answers to the questions.

These trace files can be found under the Trace Files link on my website.

I hope this helps those of you that are starting out doing network analysis. Any suggestions for additional files is strong encouraged.

Mike

http://www.netprospecialists.com

 

[CoolGuy077]

Great work mpennac.

This will go a long way.

~CoolGuy

 

[mpennac]

You are welcome!

Let me know if there is anything specific you are looking for.

Mike

 

[KeithFrench]

Congratulations on a very useful website. I have to do a presentation at work on the effects of the Nachi virus. I am not sure if it is a variant of the Blaster example sniffer trace you have attacking port 135 or not? If you can do a trace of Nachi that would be very useful. Thanks.

 

[KeithFrench]

Mike,
I have been looking at your Blaster worm trace in Sniffer Basic and can see your points with regards to the ping packets. However, do you have a more complete trace showing the actual atack taking place on Port 135?

Keith.

 

[mpennac]

Keith, it looks like I am going to have to infect a machine, or at least put it out on the open Internet and let someone attack it.

Mike

 

[SpenceP]

Check out

http://www.niksun.com.

They have a number of writeups on how you can use an analyzer to see virii and worms traffic.

SpenceP

 

[mpennac]

I'll check them out. Thanks!

Mike

http://www.netprospecialists.com