DDOS Analysis: UDP Flood (Question 8)

Question

I'm working through the DDoS UDP Analysis lab and am currently stuck on question 8. I've used both the Statistics &gt; Summary tool within Wireshark and also capinfos to try to determine the total length of the DDoS attack. However the time difference I'm coming up with through both methods is not the correct answer. Any suggestions?

barney · Answer

There probably various and cleverer ways of doing it, but I just looked in the Conversations window for the UDP stream.&nbsp; Here it will give you the relative start time for each conversation and its duration - you're interested in the values for the final conversation record.&nbsp; HTH.

Forum Discussion

DDOS Analysis: UDP Flood (Question 8)

1 Reply

Featured Places

Help & Support Forum

Related Content

Practical Malware Analysis: Static Analysis question 18

Practical Malware Analysis: Static Analysis question 19

How to Answer a Question

How to Ask a Question

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

Recent Discussions

Discovery: Enumeration Scripts – Part 1

Windows Hardening: Ep.6 – Pivoting

DDOS Analysis: UDP Flood (Question 8)

Windows Basics: Ep.3 – Registry Roadblock

Infrastructure Hacking: Responder Network Poisoning