Network Traffic Analysis Report: Cyber Operations Course

This report provides a comprehensive analysis of network traffic within a cyber operations context, utilizing Wireshark to capture and examine data packets. It details the installation and operation of Wireshark, followed by a statistical analysis of network boundaries, active nodes, external sources, traffic types (DNS, ARP, TCP, HTTP, UDP, IPV6), and protocols. The report identifies a Distributed Denial of Service (DDOS) attacker and an Address Resolution Protocol (ARP) poisoning attacker, explaining their techniques and how to identify them. The analysis includes activity narratives and explanations of the attacks, highlighting vulnerabilities and potential security breaches within the network. The document concludes with references to support the findings and methodologies used in the analysis. Desklib provides this document as well as many other papers to help students with their studies.