
Logfile Analysis

You can open this in Notepad, then take a screenshot.

"Log Analysis exercise"
Figure out what happened to a server using all the logs from a possibly compromised server.
Analyze the attached logs in the zip file and answer the following questions:

Was the system compromised and when? How do you know that for sure?
If the system was compromised, what was the method used?
Can you locate how many attackers failed? If some succeeded, how many were they? How many stopped attacking after the first success?
What happened after the brute force attack?
Locate the authentication logs. Was a brute-force attack performed? If yes, how many?
What is the timeline of significant events? How certain are you of the timing?
Anything else that looks suspicious in the logs? Any misconfigurations? Other issues?
Was an automatic tool used to perform the attack? If yes, which one?
What can you say about the attacker's goals and methods?
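
One way to approach the attacker-count questions above, shown as an added example that is not part of the original exercise brief. It assumes the authentication logs are OpenSSH `sshd` syslog lines; the sample lines, host name, IP addresses and the `min_failures` threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH syslog format (assumed; the exercise's real logs may differ).
SAMPLE_LOG = """\
Apr 19 05:41:40 app-1 sshd[8810]: Failed password for root from 203.0.113.5 port 40211 ssh2
Apr 19 05:41:44 app-1 sshd[8812]: Failed password for invalid user admin from 203.0.113.5 port 40255 ssh2
Apr 19 05:42:27 app-1 sshd[9031]: Accepted password for root from 203.0.113.5 port 40301 ssh2
Apr 19 05:42:30 app-1 sshd[9040]: Failed password for root from 203.0.113.5 port 40310 ssh2
Apr 19 05:50:01 app-1 sshd[9100]: Failed password for root from 198.51.100.7 port 51000 ssh2
Apr 19 05:50:03 app-1 sshd[9102]: Failed password for root from 198.51.100.7 port 51002 ssh2
Apr 19 05:50:05 app-1 sshd[9104]: Failed password for root from 198.51.100.7 port 51004 ssh2
Apr 19 06:10:12 app-1 sshd[9200]: Failed password for root from 192.0.2.9 port 42000 ssh2
Apr 19 06:10:15 app-1 sshd[9202]: Failed password for root from 192.0.2.9 port 42002 ssh2
Apr 19 06:10:19 app-1 sshd[9204]: Accepted password for root from 192.0.2.9 port 42004 ssh2
Apr 19 08:00:00 app-1 sshd[9300]: Accepted password for dev from 192.0.2.50 port 50000 ssh2
"""

EVENT = re.compile(r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port")

def summarize(log_text, min_failures=2):
    """Classify source IPs by brute-force outcome; events are read in file order."""
    events = defaultdict(list)          # ip -> ordered list of "Failed"/"Accepted"
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if m:
            events[m.group(3)].append(m.group(1))
    result = {"failed_only": [], "succeeded": [], "stopped_after_success": []}
    for ip, seq in events.items():
        if "Accepted" not in seq:
            if seq.count("Failed") >= min_failures:
                result["failed_only"].append(ip)
            continue
        first_ok = seq.index("Accepted")
        # Treat a login as a brute-force success only if failures preceded it
        # (min_failures is an illustrative threshold; tune it for real data).
        if seq[:first_ok].count("Failed") < min_failures:
            continue
        result["succeeded"].append(ip)
        if "Failed" not in seq[first_ok + 1:]:
            result["stopped_after_success"].append(ip)
    return result

if __name__ == "__main__":
    for label, ips in summarize(SAMPLE_LOG).items():
        print(f"{label}: {len(ips)} {sorted(ips)}")
```

Source IP is only a proxy for "attacker": one operator may use several addresses, so the counts are an upper bound on distinct attackers.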

All the questions need to be answered in a full, detailed report that records the time and date the examination or work started and the tools used to open or analyze the files. Every step needs to be documented with a picture or screenshot of the work. If any outside information is used, it needs to be cited in the paragraph and on the reference page too. Please use simple English, and the writer needs to answer me if I have any questions or comments regarding the work.
