• caglararli@hotmail.com
  • 05386281520

Help with traffic dump in Wireshark

Çağlar Arlı      -    56 Views

Help with traffic dump in Wireshark

I was given the task to analyze traffic in Wireshark for possible network attacks (all in the local area), I am not very good at it and the only thing I could find (and not sure that it is correct) is SYN-flood and possibly MiTM attack. MiTM is signaled by ICMP Redirect from the host - 10.0.0.1, although looking at the dump itself (attached screenshot) except for the constant connection breakdown nothing happens (or overlooked). Also SSH traffic looks suspicious, but I have nothing to compare it with, so I may be wrong. I will be grateful if at least roughly (even very briefly) indicate the possible attacks that are here. Link to pcap file - https://disk.yandex.ru/d/3LfVQj6EaHtP3w

enter image description here