Network Packet Analysis: DNS and ICMP Logs

Description

This project is dedicated to showcasing proficiency in identifying ICMP (Internet Control Message Protocol) packets within network communication. ICMP packets are integral to understanding network behavior.

Program walk-through:

In a fictional scenario involving a simulated DDoS (Distributed Denial of Service) attack on a company, this project delves into the realm of incident response and cybersecurity analysis. As the designated cybersecurity analyst for the imaginary company, the focus was on investigating and mitigating the impact of the DDoS attack.

Image and Explanation:

The UDP protocol reveals that the DNS server is down or unreachable. As evident from the results of the network analysis, the ICMP echo reply returned the error message “udp port 53 unreachable.” Port 53 is commonly used for DNS protocol traffic. Likely, the DNS server is not responding.

In the resulting log file, I found that DNS port 53 was unreachable. The next step is to identify whether the DNS server is down or traffic to port 53 is blocked by the firewall. The DNS server might be down due to a successful Denial of Service attack or a misconfiguration.
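The log check described above, as an added example that is not part of the original project: a Python script that tallies DNS queries, DNS answers and ICMP "udp port 53 unreachable" errors per server from tcpdump-style text. The sample lines, addresses and function names are constructed for illustration and assume tcpdump's default one-line output.

```python
import re
from collections import defaultdict

# Constructed tcpdump-style sample (documentation-range addresses, not the page's capture).
SAMPLE_LOG = """\
13:24:32.192571 IP 198.51.100.15.52444 > 203.0.113.2.domain: 35084+ A? www.example.com. (33)
13:24:36.098564 IP 203.0.113.2 > 198.51.100.15: ICMP 203.0.113.2 udp port 53 unreachable length 254
13:26:32.192571 IP 198.51.100.15.52444 > 203.0.113.2.domain: 35084+ A? www.example.com. (33)
13:27:15.934126 IP 203.0.113.2 > 198.51.100.15: ICMP 203.0.113.2 udp port 53 unreachable length 320
13:28:01.000100 IP 198.51.100.15.40112 > 203.0.113.9.domain: 1201+ A? www.example.com. (33)
13:28:01.020300 IP 203.0.113.9.domain > 198.51.100.15.40112: 1201 1/0/0 A 192.0.2.10 (49)
"""

# group(1) = ICMP sender, group(2) = host whose port is unreachable, group(3) = port
UNREACH = re.compile(r"^\S+ IP (\S+) > \S+: ICMP (\S+) udp port (\d+) unreachable")
# group(1) = DNS server queried, group(2) = name asked for
QUERY = re.compile(r"^\S+ IP \S+\.\d+ > (\S+)\.(?:domain|53): \d+\+? \w+\? (\S+)")
# group(1) = DNS server that sent a response
ANSWER = re.compile(r"^\S+ IP (\S+)\.(?:domain|53) > \S+\.\d+: \d+")


def summarize(log):
    """Count DNS queries, answers and port-53 unreachable errors per server."""
    stats = defaultdict(lambda: {"queries": 0, "answers": 0, "unreachable": 0})
    for line in log.splitlines():
        if m := UNREACH.match(line):
            if m.group(3) == "53":
                stats[m.group(2)]["unreachable"] += 1
        elif m := QUERY.match(line):
            stats[m.group(1)]["queries"] += 1
        elif m := ANSWER.match(line):
            stats[m.group(1)]["answers"] += 1
    return dict(stats)


def failing_servers(log):
    """Servers that produced port-53 unreachable errors and never answered a query."""
    return sorted(ip for ip, s in summarize(log).items()
                  if s["unreachable"] and not s["answers"])


if __name__ == "__main__":
    for ip, counts in summarize(SAMPLE_LOG).items():
        print(ip, counts)
    print("no DNS service on:", failing_servers(SAMPLE_LOG))
```

A server that appears in `failing_servers` still needs the follow-up the text describes: checking whether the DNS service is down or a firewall rule is rejecting traffic to port 53.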