DDOS Analysis: UDP Flood (Question 8)

Question

I'm working through the DDoS UDP Analysis lab and am currently stuck on question 8. I've used both the Statistics &gt; Summary tool within Wireshark and also capinfos to try to determine the total length of the DDoS attack. However the time difference I'm coming up with through both methods is not the correct answer. Any suggestions?

barney · Answer

There probably various and cleverer ways of doing it, but I just looked in the Conversations window for the UDP stream.&nbsp; Here it will give you the relative start time for each conversation and its duration - you're interested in the values for the final conversation record.&nbsp; HTH.

netcat · Answer

If you have a duration of a.bc68 then round up to a.bc70Wireshark shows, depending on the tab, both numbers.

Forum Discussion

DDOS Analysis: UDP Flood (Question 8)

2 Replies

Featured Places

Help & Support Forum

Related Content

Practical Malware Analysis: Static Analysis question 18

Practical Malware Analysis: Static Analysis question 19

How to Answer a Question

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

How to Ask a Question

Recent Discussions

Hack Your First Web App: Ep.4 Missing Cookie

It seems correct answer is not accepted.

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Privilege Escalation: Windows – Finding Passwords

Microsoft Defender for Cloud: Inventory, Resource Health and Recommendations.