Spaced
Difficulty: Medium
Category: Network Security
Overview
I've been working as a satellite communications engineer for years now, and honestly, it's been pretty smooth sailing. Setting up ground-to-space uplinks? Easy. Managing telemetry streams? A piece of cake. I've handled thousands of packets flowing through our gateway without breaking a sweat.
But today something weird showed up in our monitoring system. The ops team flagged some unusual behavior in the command stream, and now they're handing me this massive PCAP file. I mean, there's like over a thousand packets in here - tons of normal telemetry, telecommands, and a bunch of background noise from other subsystems.
flag format: flag{}
Lab Details
Prerequisites & Requirements
- Network Fundamentals: OSI model layers, particularly Layer 2 (Data Link) and Layer 3 (Network)
- TCP/IP Protocol Suite: Understanding of IP addressing, MAC addresses, and UDP protocol
- PCAP Analysis: Familiarity with packet capture file formats and analysis tools
- Binary Data Parsing: Ability to read and interpret binary/hexadecimal data structures
- XOR Cryptography Basics: Understanding of XOR operations and simple encryption schemes
What Will You Learn?
- Multi-layer Network Analysis: How attacks can span across Layer 2 (MAC) and Layer 3 (IP)
- Protocol Reverse Engineering: Working with unfamiliar binary protocols (CCSDS/PUS)
- Traffic Anomaly Detection: Identifying malicious traffic hidden among legitimate packets
- Cryptographic Analysis: Recognizing and breaking simple XOR-based masking schemes
- Data Reconstruction: Assembling fragmented information with error checking
- Real-World Aerospace Security: Understanding how critical infrastructure protocols work
Tools
- Wireshark: Primary packet analysis tool
- tshark: Command-line version for scripted analysis
- Python 3 with Scapy library: For automated packet parsing
- Text processing utilities: grep, awk, etc.
Job Positions
Security Analyst
Tags
Wireshark, Pcap, Packet Analysis, Protocol Analysis, OSI Model