Lost in Security (and mostly everything else)

Category: Packet Analysis

Malware Exercise 2015-09-11 – A Bridge Too Far Enterprises

Herbie Zimmerman | September 29, 2015 (updated February 23, 2016) | Packet Analysis | 0 comments

So I am a little late with this one as I just could not find the mental capacity to finish this one on time due to a head cold that turned into a sinus infection (which I am still fighting). Based on what Brad had said about this one, it…

Malware Exercise 2015-08-31 – What’s the EK? What’s the payload?

Herbie Zimmerman | September 15, 2015 (updated February 23, 2016) | Packet Analysis | 0 comments

TL;DR: Basically, this is one of Brad's typical spot-the-malware-within-the-PCAP exercises from a drive-by infection. Nothing exciting like the previous one, but still good practice. Unfortunately I did get some of this one wrong (stupid me for not updating Snort rules in Security Onion). Also, one thing…

Malware Exercise 2015-08-07 – Someone was fooled by a malicious email

Herbie Zimmerman | August 18, 2015 (updated February 23, 2016) | Packet Analysis | 0 comments

Prologue about this and future "Malware Exercise" posts: I have been wanting to blog about my experiences playing with malware and trying to figure out how they work, techniques that helped me dissect them, tools that I used, etc., but never really had the chance/time to sit down and do…

Umm… What is this on the wife’s laptop?

Herbie Zimmerman | April 30, 2015 (updated February 23, 2016) | Packet Analysis, SecurityOnion | 0 comments

So last night, while playing around with my router trying to get it running as an OpenVPN server (which was nothing but an all-day, bang-your-head-against-the-wall kind of experience since, from what I can tell from reading multiple sites about Mikrotik, it does not have a solid OpenVPN server package), I noticed this…

15-02-2015 – Sweet Orange infection

Herbie Zimmerman | February 15, 2015 (updated February 23, 2016) | Packet Analysis | 0 comments

So while at work the other day I came across an interesting alert that, thankfully, was not successful. The following is what I got once I got home and was able to run this on my test VM. So let the party begin! The start of the infection chain starts…

Part 3 of 3 : Nice email – Subject: Employee Documents – Internal Use

Herbie Zimmerman | January 27, 2015 | Packet Analysis | 0 comments

This is my last post about this particular malicious email that I got in the mail sometime last week. If you have not read the other posts about this email (looks to be in the Dyre malware family), please see part one here and part two here.

Part 2 of 3 : Nice email – Subject: Employee Documents – Internal Use

Herbie Zimmerman | January 26, 2015 | Packet Analysis | 0 comments

As the title suggests, this is the continuation of my investigation into a malicious Dyre email that I received a while back. If you did not see my initial post (and, mind you, my first blog post about malware analysis), then you can find that here. The other thing that I am…

Part 1 of 3 : Nice email – Subject: Employee Documents – Internal Use

Herbie Zimmerman | January 21, 2015 (updated January 26, 2015) | Packet Analysis | 0 comments

So I figured that it is time that I start putting SO (Security Onion) to good use and start trying to find malware to dissect. So I started going through the SPAM/JUNK mail folders in the different email accounts that I have. After checking several emails, I came across the…
