Honeynet Project SoTM

Written by rbcarnett / NR: Not Rated
Restart Story Statistics Add To Favorites My Submissions View Ratings Rate or Comment Bookmarks Contributors Loose Ends Submission Guidelines Flag Story
Members of the Mexico Honeynet Project captured a unique attack. As common, what is interesting is not how the attackers broke in, but what they did afterwards. Your mission is to analyze the network capture of the attacker's activity and decode the attacker's actions. There are two binary log files. Day1 captured the break in, Day3 captures some unique activity following the compromise. The honeypot in question is IP 192.168.100.28. Make sure you review the challenge criteria before submitting your writeup.

Questions:
What is the operating system of the honeypot? How did you determine that? (see day1)

You have 4 choices:

Room 5894 created by rbcarnett on Aug 20, 2003