Capture challenges

How we built our 2018 Holiday capture challenge

16 min read

We love building capture challenges, and in the process we learn a lot about networking, packets, and the tools that exist to manipulate and generate them. It took around seventy-five individual pcaps to deliver our Holiday challenge. Settle in as we get into the details of how we create it all. Keep reading

Capture challenges

How we made the 2018 Halloween capture challenge

7 min read

In depth on creating a capture challenge using custom built captures Every so often we like to come up with a special capture challenge where people can use CloudShark to dive into some packet analysis and find the solution. But often the interesting story is about the methods we use to make the captures themselves - generating and capturing very specific packets to make the challenge interesting. Being packet geeks, it’s also really fun. Keep reading

Capture challenges

Trick or Treat!

2 min read

A PCAP Challenge for Halloween Celebrating Halloween is something our hometown of Portsmouth, NH takes really seriously! There’s a big parade where everybody does the “Thriller” dance, pumpkin-head scarecrows lurking all over town, and private homes open their elaborately decorated haunted barns for the neighbors to wander through! In the spirit of the season, we’re offering our own Trick or Treat challenge – PCAP style. Take a stroll through this capture file and see if you can find the 5 hidden “pumpkins” that we’ve placed in there for you! Keep reading

Capture challenges

Solutions: The Big Byte Capture Challenge

2 min read

Every summer the devs here at CloudShark engage in a “Summer Coding Challenge” to flex their programming muscles and relive the glory (horror?) days of computer science homework. It just so happens that one of those challenges this year made a great packet capture challenge for you CloudShark fans! We got a lot of great answers - we have some of those solutions below, but if you don’t want it spoiled and want to try the capture for yourself, here it is: Keep reading

Capture challenges

CloudShark 2015 Thanksgiving Capture Challenge

2 min read

Since we’ve launched CloudShark Online Accounts, we wanted to celebrate with a special Thanksgiving capture challenge. While most of us in the U.S. will be enjoying hefty helpings of turkey, mashed potatoes, and squash, a select few will be reveling in the magical wonder that is the “Turducken”. Never heard of turducken? It’s exactly what it sounds like: a chicken, wrapped in a duck, wrapped in a turkey, filled with stuffing and sausage and baked to perfection. Keep reading

Capture challenges

Solved: Run-By Capture Challenge - Something Strange with Multicast

2 min read

This packet challenge has concluded! Read on for the solution, or check out the original challenge below! The Solution A few folks spotted the issue with multicast packets #4 and #6. Normally, IP layer multicast packets also use a layer 2 multicast destination MAC address. But the multicast packets in this capture are using a unicast destination address. What is going on here? It turns out that this capture was generated in a wireless network. Keep reading

Capture challenges

Packet Capture Challenge 7 - Deep, Deep Packets

2 min read

Haven’t got one of our snazzy CloudShark P-Caps yet? Well, how good are your dissector skills? One of the tools we added in CloudShark 1.7 is the protocol hierarchy tool. Similar to that found in Wireshark, the CloudShark protocol hierarchy tool also lets you click on a given protocol and automatically creates a filter for you based on the packets called out in the hierarchy. Which, you got to admit, is pretty cool. Keep reading

Capture challenges

Solution - Packet Capture Challenge 6

3 min read

This capture challenge has concluded! Thank you for all of your answers! You can find the solution below, or try the challenge for yourself. The Challenge Happy Holidays from CloudShark! We’ve had a lot of new followers and users of CloudShark.org in the network security field, so we have a special intrusion capture challenge for you this month. It requires very little description, but you can use CloudShark’s web-based analysis tools and packet view to figure it out. Keep reading

Capture challenges

Solution to Packet Capture Challenge #5 - TCP Fast Open and Home Routers

4 min read

This challenge is now concluded! Read the solution below or scroll down for the original challenge! The Solution So, what’s going on here? This communication is happening over a home gateway using Network Address Translation, or NAT. This is very common in home networks as it allows a Service Provider to use only one public address to represent many hosts. It also has an interesting side effect of acting as a natural firewall. Keep reading

Capture challenges

Packet Capture Challenge #4 - Solution

3 min read

This challenge is now finished! Read the solution below or scroll down to try the challenge for yourself! The Solution CloudShark lets you embed your filters directly in the URL. When we view this packet capture file, we are already brought to the view we want to see: in this case, only DNS and ICMP messages. http://cloudshark.org/captures/a02f4f4a0df0?filter=dns%20%7C%7C%20icmp Why is that? The problem we’re looking to illustrate happens to be an ICMP packet that is tied to a particular DNS response. Keep reading
DNS

Capture challenges

Sharkfest Packet Capture Challenge Solution

2 min read

Thanks to all who participated in the packet capture challenge at Sharkfest 2012! We had a great time at Sharkfest! Here’s the solution, or scroll down to try the challenge yourself! The Solution Many folks showed us different approaches to this challenge. Here is one approach. Visit the HTTP Requests analysis tool for this capture and take a look at the Response Codes tab. https://www.cloudshark.org/analysis/61cdf49986bd/http_req The Response Codes graph shows a break down of traffic by HTTP Response code. Keep reading

Capture challenges

Packet Capture Challenge #3 - Solution

3 min read

This challenge is over! You can find the solution below. First off, thanks to everyone who sent in a solution. The solution is posted here, or try the challenge yourself below! The Solution Unlike past challenges, this challenge involves multiple capture files with two SIP clients attempting a VoIP call behind a SIP aware router. The first capture was taken on the LAN side of the router. The second capture was taken on the WAN side of the router. Keep reading

Capture challenges

Packet Capture Challenge #2 - Solution

3 min read

This challenge is over for now. You can find the solution below! First off, thanks to everyone who sent in a solution. Joe shows us the solution on Youtube, or try the challenge yourself below! The Challange We are having another Packet Capture Challenge to celebrate the release of CloudShark 1.4. If you can answer the question below, send an email to info@cloudshark.org with your address and Tee-Shirt size, we’ll send out a CloudShark tee shirt to the first 10 correct responses we receive. Keep reading

Capture challenges

Packet Capture Challenge #1 - The Solution

2 min read

This challenge is over! You can find the solution below. First off, thanks to everyone who sent in a solution to this packet capture challenge. Some of you told us the challenge was too easy. Don’t worry. They’ll get harder. Watch Joe show you the solution from a cafe in downtown Portsmouth, NH, or try the challenge for yourself below! The Challange Ok, gather around packet geeks. Take a look at this capture session. Keep reading