Penetration Testing Project Game of Thrones CTF: 1
J_McConnell_Reconnaissance_Challenge
1. McConnell 1
Juanita M. McConnell
Cindy L. Casey
IT255P – Introduction to Information Systems Security
17 January 2014
Lab 1: Performing Reconnaissance and Probing Using Common Tools
Part 4: Challenge Questions
1. Use Wireshark and NetWitness Investigator to identify suspicious activity on the
network.
a. Open Wireshark and start a packet capture on the Student interface (Hint: Refer to
Part 1 of this lab).
b. Open Zenmap and perform another Intense Scan of the 172.30.0.0/24 subnet
(Hint:Refer toPart 3 of this lab).
c. Close Zenmap without saving the report.
d. Close Wireshark, but save the packet capture as a *.pcap file to the desktop when
prompted.
e. Open the *.pcap packet capture in NetWitness Investigator.
Answer: Below is a series of screen captures corresponding to the instructions of Part 4
Challenge Questions real-life challenge to investigate suspicious activity on a
network.