The below report attempts to provide answers to the objectives set in the "NETWORK CHALLENGE - 001 - LINUX":
- Determine what likely occurred based on the evidence from the PCAP.
- Identify any network and/or host artifacts that could be used to scope this incident further.
- If applicable, write detection signatures (snort/suricata/yara) to increase coverage for this type of activity.
The report comprises of multiple sections: