Articles for the month starting 2022-12-01
Details playbook Is Traffic Malicious? What Is The Attack Type? Check If It Is a Planned Test What Is the Direction of Traffic? Was the Attack Successful? Add Artifacts Do You Need Tier 2 Escalation? End Details EventID : 115 Event Time : …
LetsDefend Challenge DFIR: Port Scan Activity Question1: What is the IP address scanning the environment? The host that appears to be sending the most packets is the suspicious one. $ tshark -r port\ scan.pcap -z conv,ip -q ============================================…