Extend the Story - Add a Room

Previous Room

Members of the Mexico Honeynet Project captured a unique attack. As common, what is interesting is not how the attackers broke in, but what they did afterwards. Your mission is to analyze the network capture of the attacker's activity and decode the attacker's actions. There are two binary log files. Day1 captured the break in, Day3 captures some unique activity following the compromise. The honeypot in question is IP 192.168.100.28. Make sure you review the challenge criteria before submitting your writeup.

Questions:
What is the operating system of the honeypot? How did you determine that? (see day1)

Choice

FreeBSD

Room Description (what happens next)

Continuation Method

Choices

Variable Names & Values are required for a choice to show

Image

Up to 350px x 350px, 50,000 byte file size limit

Image Location

Room Nickname (useful or room linking)

The owner of this story will be reviewing your submission before publication. Please confirm your spelling, punctuation, and adherence to any of the story owner's guidelines before submitting.