Professional Documents
Culture Documents
Wireshark Practices
Wireshark Practices
Wireshark Practices
Huseyin EKSI
3. What is the domain name queried with the port number 51320 in the pcap file?
4. What are the two host names when you filter llmnr packets in the pcap file?
3. What is the IP address of that domain name in response in the pcap file?
4.Filter the IP for further investigation what is the name of the server that responded?
6.What is the local IP you find in the pcap belongs to the DESKTOP-..?
2. What are the suspicious domain name queries in the provided pcap file?