The packet parties have recommenced, and the showing was 13 people strong! Armed with Wireshark tools, we went over five (out of six) pcaps from the USCC cyber quest challenge, mulling over logs of a (simulated) attack against HMI clients, and discussing the most effective techniques for finding target information.
How does one really differentiate between telnet and netcat? What’s the algorithm for breaking basic HTTP digest authentication? And more interestingly, high school kids answered these questions? (Just kidding, but not really.)
Much fun and stories (and drinks and cookies) were had, and lots of lesser-used Wireshark features explored. Thanks to Grecs for supplying this month’s packet captures, and to DeBuG for his code. ^^ DeBuG will be providing next month’s slate of network adventures.
We are currently working on breaking out into group mailing lists, but sign up on our main mailing list if you would like to be notified about the next meetup.
If you would like to download the files, the zipped file of our packet party content is available here as well as from the USCC cyber challenge website. Check back later for a link to a more detailed explanation of the answers.