Wireshark network traffic dump - networking

I have a question to answer for one of my classes. But I'm having some trouble finding the information on this.
"So you have network traffic dumps as files on a USB given by the victims. How can you know that it is accurate? List some of the ways that it could have been changed. What things would you look for within the dump file that might indicate tampering."
Can someone please point me in the right direction?
Thanks,

Thanks alfasin. Your link helped,
https://wiki.ubuntu.com/BasicSecurity/DidIJustGetOwned

Related

What does ngrok stand for?

Recently, I got to know ngrok.
However, I cannot find where the name 'ngrok' comes from.
Many pieces of software have interesting etymologies, and I wonder how ngrok was named.
Is it just ngrok?
This discussion including Alan Shreve (the author of ngrok) may give some ideas.
In short, 'n' is just a starting letter of many network tools (just as ngrep) and 'grok' is just 'to grok'.
so the name is kind of just a play on the word grok, coined by Heinlein, which is ‘to understand’, and ‘n’ because there are a whole bunch of other network tools that start with. It was kind of a play on ngrep.
Great question. In general, we don't say.
~ an ngrok employee

How to use NetworkBehaviour in Unity3D

Check the Picture- Image Here
I made a C# script, then changed MonoBehaviour to NetworkBehaviour,
then put the script in the Main Camera.
I have a problem using NetworkBehaviour: I don't know how to execute it. I want to try SyncVar and other attributes that can help with server-client data networking.
Thanks.
It is difficult to tell what is going on from your picture, and it would be helpful if you could tell us exactly what you are looking for, but as far as SyncVar working, it is important to note that it only works from the server side. That is, you can't sync an attribute from a remote player to the server, but the server can sync a player's attribute to everyone else. Another thing to note about SyncVar is that it only works on basic types and Unity math types (quaternion, vector3, etc.) if I recall correctly. If you need more help please try to be more specific.

What's MBR offset 0x1C3 and how can I edit it?

I posted this question on another website but no one was able to help me there until a user suggested I post this question here. So...
My SSD has some trouble POSTING on my old GA-P35-DS3 motherboard if I try to use the Intel controller.
Apparently (after much googling) I found this is a bug on the BIOS that can be fixed by some quick editing of the MBR. The trouble is, I have no idea how I can go about doing this. I tried 010 Editor and HxD but I'm completely overwhelmed and, although I am able to open the disk, I can't find that particular "offset" (0x1C3).
If you are curious this post describes my issue (scenario 1) and the required steps to fix it: http://forum.giga-byte.co.uk/index.php?topic=8585.0
So, if someone could help me figure out what an "offset" is and how I can find it with 010 Editor (or any other program you see fit) so I could fix these bytes I would very much appreciate it! :)
EDIT: I've been looking around and I'm a bit confused if I should change these bytes:
http://i.imgur.com/Ys0gU3O.png
Or these bytes:
j59ypS5.png (I need more rep to post the second link so you can just copy-paste this into the imgur URL)
Judging by its content the first option doesn't seem to make sense. But since the second option is only "00 00 00", I don't know if it makes any sense either...
If someone could please help me I'd be forever grateful.
Well.. I was able to figure it out by myself so I'll leave the answer here in case someone faces the same issue in the future.
1) I was opening a logical drive instead of a physical unit. That's why what I was seeing wasn't meeting my expectations.
2) I thought the "offset" was only referenced by the column on the left but no. 0x1C3 actually includes the column number as well. So I had to change the three bytes including 0x1C3 (0x1C4 and 0x1C5).
That was pretty much it. After that I saved the changes and rebooted my machine and after changing the SATA port everything was working as expected.
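The two points in the answer above, as an added example that is not part of the original post: it maps an offset to the row and column a hex editor shows, names the classic-MBR field at that offset, and distinguishes an MBR from the volume boot sector that a logical drive exposes. It assumes a 16-byte-per-row editor view and the classic MBR layout; both sample sectors are constructed, and the volume check is a heuristic based on filesystem ID strings.

```python
import struct

PART_TABLE, ENTRY_SIZE, SIGNATURE = 0x1BE, 16, 0x1FE
# Start of each field inside a 16-byte partition entry.
FIELDS = [(0, "status"), (1, "CHS start"), (4, "type"),
          (5, "CHS end"), (8, "LBA start"), (12, "sector count")]

def editor_position(offset, width=16):
    """(row label, column) of an offset in a hex editor with `width` bytes per row."""
    return offset - offset % width, offset % width

def describe_offset(offset):
    """Name the classic-MBR field that contains the given byte offset."""
    if not 0 <= offset < 512:
        raise ValueError("offset is outside the 512-byte sector")
    if offset < PART_TABLE:
        return "boot code"
    if offset >= SIGNATURE:
        return "boot signature"
    entry, rel = divmod(offset - PART_TABLE, ENTRY_SIZE)
    name = [n for start, n in FIELDS if start <= rel][-1]
    return f"partition {entry + 1} {name}"

def sector_kind(sector):
    """Heuristic: MBR (physical disk) vs. volume boot sector (logical drive)."""
    if len(sector) != 512 or sector[SIGNATURE:] != b"\x55\xaa":
        return "not a boot sector"
    if (sector[3:11] == b"NTFS    " or sector[0x52:0x57] == b"FAT32"
            or sector[0x36:0x39] == b"FAT"):
        return "volume boot sector"
    return "mbr"

def sample_mbr():
    """Constructed MBR: empty boot code and one NTFS-type partition entry."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x20\x21\x00", 0x07,
                        b"\xfe\xff\xff", 2048, 1_000_000)
    return bytes(PART_TABLE) + entry + bytes(48) + b"\x55\xaa"

def sample_vbr():
    """Constructed NTFS-style volume boot sector (first sector of a logical drive)."""
    return b"\xeb\x52\x90NTFS    " + bytes(499) + b"\x55\xaa"

if __name__ == "__main__":
    row, col = editor_position(0x1C3)
    print(f"0x1C3 -> row {row:#05x}, column {col}: {describe_offset(0x1C3)}")
    print("bytes at 0x1C3..0x1C5:", sample_mbr()[0x1C3:0x1C6].hex(" "))
    print("physical disk sector 0:", sector_kind(sample_mbr()))
    print("logical drive sector 0:", sector_kind(sample_vbr()))
```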

Network Protocol implementation

As part of a project work I am supposed to "implement" any network protocol of my choice. I googled for it but didn't find anything that would help a beginner like me to start off. Could anyone please give some ideas on where to begin?
Thanks in advance!
PS: am not sure of the tags either.
You can try DHCP. It is relatively simple and common.
http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol
To start you can cover the same subnet/vlan case. (Server client same subnet.)
Next do the different subnet/vlan case if you have time.

analysing network traffic

What's the best way to identify network behavior?
Behavior of the ports/interfaces and routers?
I can get data and analyse the traffic but trying to search for a pattern for a meaningful classification.
Any help appreciated.
Thank you
Wireshark is a great tool, too.
Features are similar to others, but one is exporting to CSV. You could then import the CSV into Excel and run some analysis there.
Try Fiddler.
I would say Ethereal is the best tool out there.
http://www.ethereal.com/
It was some time since I used it, but by what I remember you could choose a number of filters and features like that which made it very clear what was going on.
