Cyber Attack Report 1
Incident Overview
On 02/11/2024, at 13:24:50, the cybersecurity system (IDPS) encountered a cyber attack identified
as a Denial of Service (DoS) attack. This report provides detailed information on the nature of the
attack, its impact, and the detection methods employed by the Cybersecurity team to mitigate it.
Incident Details
Sniffing Details
No. Time IP Source IP Destination Protocol Length Information
144 13:24:44.772 11111111 10.1.1.1 TCP 63.28 [SYN] Seq=0 Win=512 Len=0
145 13:24:44.846 11111111 10.1.1.1 TCP 59.0 [SYN] Seq=0 Win=512 Len=0
146 13:24:44.913 11111111 10.1.1.1 TCP 65.25 [SYN] Seq=0 Win=512 Len=0
147 13:24:44.981 11111111 10.1.1.1 TCP 56.34 [SYN] Seq=0 Win=512 Len=0
148 13:24:45.048 11111111 10.1.1.1 TCP 66.65 [SYN] Seq=0 Win=512 Len=0
149 13:24:45.115 11111111 10.1.1.1 TCP 66.3 [SYN] Seq=0 Win=512 Len=0
150 13:24:45.183 11111111 10.1.1.1 TCP 60.7 [SYN] Seq=0 Win=512 Len=0
151 13:24:45.251 11111111 10.1.1.1 TCP 62.01 [SYN] Seq=0 Win=512 Len=0
152 13:24:45.318 11111111 10.1.1.1 TCP 60.25 [SYN] Seq=0 Win=512 Len=0
153 13:24:45.400 11111111 10.1.1.1 TCP 64.15 [SYN] Seq=0 Win=512 Len=0
154 13:24:45.467 11111111 10.1.1.1 TCP 66.68 [SYN] Seq=0 Win=512 Len=0
155 13:24:45.534 11111111 10.1.1.1 TCP 63.75 [SYN] Seq=0 Win=512 Len=0
156 13:24:45.639 11111111 10.1.1.1 TCP 56.66 [SYN] Seq=0 Win=512 Len=0
157 13:24:45.780 11111111 10.1.1.1 TCP 58.52 [SYN] Seq=0 Win=512 Len=0
158 13:24:45.847 11111111 10.1.1.1 TCP 56.73 [SYN] Seq=0 Win=512 Len=0
159 13:24:45.915 11111111 10.1.1.1 TCP 49.35 [SYN] Seq=0 Win=512 Len=0
160 13:24:45.997 11111111 10.1.1.1 TCP 56.14 [SYN] Seq=0 Win=512 Len=0
161 13:24:46.064 11111111 10.1.1.1 TCP 70.01 [SYN] Seq=0 Win=512 Len=0
162 13:24:46.132 11111111 10.1.1.1 TCP 48.86 [SYN] Seq=0 Win=512 Len=0
Cybersecurity Incident Report
163 13:24:46.212 11111111 10.1.1.1 TCP 55.72 [SYN] Seq=0 Win=512 Len=0
164 13:24:46.280 11111111 10.1.1.1 TCP 68.83 [SYN] Seq=0 Win=512 Len=0
165 13:24:46.347 11111111 10.1.1.1 TCP 52.05 [SYN] Seq=0 Win=512 Len=0
166 13:24:46.415 11111111 10.1.1.1 TCP 75.94 [SYN] Seq=0 Win=512 Len=0
167 13:24:46.483 11111111 10.1.1.1 TCP 73.95 [SYN] Seq=0 Win=512 Len=0
168 13:24:46.554 11111111 10.1.1.1 TCP 73.86 [SYN] Seq=0 Win=512 Len=0
169 13:24:46.781 11111111 10.1.1.1 TCP 70.41 [SYN] Seq=0 Win=512 Len=0
170 13:24:46.982 11111111 10.1.1.1 TCP 45.89 [SYN] Seq=0 Win=512 Len=0
171 13:24:47.050 11111111 10.1.1.1 TCP 59.67 [SYN] Seq=0 Win=512 Len=0
172 13:24:47.117 11111111 10.1.1.1 TCP 77.94 [SYN] Seq=0 Win=512 Len=0
173 13:24:47.185 11111111 10.1.1.1 TCP 74.28 [SYN] Seq=0 Win=512 Len=0
174 13:24:47.252 11111111 10.1.1.1 TCP 55.38 [SYN] Seq=0 Win=512 Len=0
175 13:24:47.319 11111111 10.1.1.1 TCP 43.44 [SYN] Seq=0 Win=512 Len=0
176 13:24:47.386 11111111 10.1.1.1 TCP 60.18 [SYN] Seq=0 Win=512 Len=0
177 13:24:47.454 11111111 10.1.1.1 TCP 57.42 [SYN] Seq=0 Win=512 Len=0
178 13:24:47.521 11111111 10.1.1.1 TCP 43.87 [SYN] Seq=0 Win=512 Len=0
179 13:24:47.601 11111111 10.1.1.1 TCP 66.7 [SYN] Seq=0 Win=512 Len=0
180 13:24:47.668 11111111 10.1.1.1 TCP 59.89 [SYN] Seq=0 Win=512 Len=0
181 13:24:47.735 11111111 10.1.1.1 TCP 75.15 [SYN] Seq=0 Win=512 Len=0
182 13:24:47.818 11111111 10.1.1.1 TCP 62.83 [SYN] Seq=0 Win=512 Len=0
183 13:24:48.019 11111111 10.1.1.1 TCP 67.72 [SYN] Seq=0 Win=512 Len=0
184 13:24:48.088 11111111 10.1.1.1 TCP 65.03 [SYN] Seq=0 Win=512 Len=0
185 13:24:48.069 Unknown Unknown ICMP 957.41 Unknown:Unknown:ICMP
185 13:24:48.155 11111111 10.1.1.1 TCP 60.33 [SYN] Seq=0 Win=512 Len=0
186 13:24:48.238 11111111 10.1.1.1 TCP 55.92 [SYN] Seq=0 Win=512 Len=0
187 13:24:48.305 11111111 10.1.1.1 TCP 72.99 [SYN] Seq=0 Win=512 Len=0
188 13:24:48.373 11111111 10.1.1.1 TCP 53.95 [SYN] Seq=0 Win=512 Len=0
189 13:24:48.440 11111111 10.1.1.1 TCP 58.69 [SYN] Seq=0 Win=512 Len=0
190 13:24:48.508 11111111 10.1.1.1 TCP 59.44 [SYN] Seq=0 Win=512 Len=0
191 13:24:48.592 11111111 10.1.1.1 TCP 61.24 [SYN] Seq=0 Win=512 Len=0
192 13:24:48.659 11111111 10.1.1.1 TCP 39.21 [SYN] Seq=0 Win=512 Len=0
193 13:24:48.727 11111111 10.1.1.1 TCP 70.35 [SYN] Seq=0 Win=512 Len=0
194 13:24:48.806 11111111 10.1.1.1 TCP 65.01 [SYN] Seq=0 Win=512 Len=0
195 13:24:49.026 11111111 10.1.1.1 TCP 66.55 [SYN] Seq=0 Win=512 Len=0
196 13:24:49.095 11111111 10.1.1.1 TCP 70.04 [SYN] Seq=0 Win=512 Len=0
197 13:24:49.162 11111111 10.1.1.1 TCP 75.94 [SYN] Seq=0 Win=512 Len=0
198 13:24:49.243 11111111 10.1.1.1 TCP 60.53 [SYN] Seq=0 Win=512 Len=0
199 13:24:49.310 11111111 10.1.1.1 TCP 74.93 [SYN] Seq=0 Win=512 Len=0
200 13:24:49.378 11111111 10.1.1.1 TCP 48.26 [SYN] Seq=0 Win=512 Len=0
201 13:24:49.444 11111111 10.1.1.1 TCP 62.48 [SYN] Seq=0 Win=512 Len=0
202 13:24:49.512 11111111 10.1.1.1 TCP 57.18 [SYN] Seq=0 Win=512 Len=0
203 13:24:49.593 11111111 10.1.1.1 TCP 60.42 [SYN] Seq=0 Win=512 Len=0
204 13:24:49.661 11111111 10.1.1.1 TCP 68.91 [SYN] Seq=0 Win=512 Len=0
205 13:24:49.729 11111111 10.1.1.1 TCP 65.45 [SYN] Seq=0 Win=512 Len=0
206 13:24:49.808 11111111 10.1.1.1 TCP 62.37 [SYN] Seq=0 Win=512 Len=0
207 13:24:50.037 11111111 10.1.1.1 TCP 64.83 [SYN] Seq=0 Win=512 Len=0
Detection Techniques
Two key detection methods were used:
Conclusion
This report summarizes the events of the DoS attack, highlighting the quick detection and response
efforts. Ongoing efforts will strengthen the system to prevent similar attacks.