Emerson Yepez
PART 1
PART 2
PART 3
Challenge
Assesment
1. Why would a network administrator use Witeshark and NetWitness Investigator together?
To be able to see all the packets that come in and out on the Network
2. What was the IP address for LanSwich1?
172.30.0.15
3. When the 172.16.8.5 IP host responded to the ICMP echo-request, how many echo-reply packets were sent back to the workstation?
8
4. What was the password for LanSwich 1 and LanSwich 2?
P@ssw0rd!
5. When using SSH to remotely access a Cisco router, can you see the terminal password? why or why not?
Not showing the password, SSH is a secure connection
6. What were the destination IP addresses discovered by the netwitness investigator analysis?
172.30.0.15
172.16.8.5
224.0.0.252
172.30.0.2
172.16.0.255
172.16.20.5
7. Are packet capturing looks like whiteshark less dangerous on switch LANs?
I don’t belive so, it’s a brute attack either way