SecurityOnion VS CyberDefenders :EP2
Malware Traffic Analysis 2 This time, we will solve Malware Traffic Analysis 2 using SecurityOnion. Packet Import aoshi@aoshi-Standard-PC:~/Downloads$ sudo so-import-pcap mta2.pcap [sudo] password for aoshi: Processing Import: /home/aoshi/Downloads/mta2.pcap - verifying file - assigning unique identifier to import: 546b26789a5539ec62b3ed449aabd917 - analyzing traffic with Suricata - analyzing traffic with Zeek - saving PCAP data spanning dates 2014-11-23 through 2014-11-23 Cleaning up: Import complete! You can use the following hyperlink to view data in the time range of your import. You can triple-click to quickly highlight the entire hyperlink and you can then copy it into your browser: https://192.168.1.30/#/hunt?q=import.id:546b26789a5539ec62b3ed449aabd917%20%7C%20groupby%20event.module%20event.dataset&t=2014%2F11%2F23%2000%3A00%3A00%20AM%20-%202014%2F11%2F24%2000%3A00%3A00%20AM&z=UTC or you can manually set your Time Range to be (in UTC): From: 2014-11-23 To: ...
