Category: Capture Challenge

Thursday, Dec 13, 2018

Grinchident 2018

Every guru in IT loved pcaps a lot But the Grinch, who lived in the datacenter did not! The Grinch hated networks, the packets and streams They furrowed his brow and haunted his dreams It could be because of some hack that had failed Or a time he’d let sensitive data go emailed But I think that the most likely reason all Is the time he’d hung up on that one last support call Alas, had he used CloudShark, perhaps it’d gone well And he’d not have attacked our own networks to tell Thus he was still here, malicious and bitter And that he’d stolen the holiday card we’d intended for Twitter So we ask, CloudShark fans, in the packet community Help us find the picture he stole, expecting impunity Our team grabbed a capture of the Grinch’s attack: Where he hid all the pieces, and how to get them back.

Read the whole entry »

Thursday, Nov 15, 2018

How we made the 2018 Halloween capture challenge

In depth on creating a capture challenge using custom built captures Every so often we like to come up with a special capture challenge where people can use CloudShark to dive into some packet analysis and find the solution. But often the interesting story is about the methods we use to make the captures themselves - generating and capturing very specific packets to make the challenge interesting. Being packet geeks, it’s also really fun.

Read the whole entry »

Wednesday, Oct 31, 2018

Trick or Treat!

A PCAP Challenge for Halloween Celebrating Halloween is something our hometown of Portsmouth, NH takes really seriously! There’s a big parade where everybody does the “Thriller” dance, pumpkin-head scarecrows lurking all over town, and private homes open their elaborately decorated haunted barns for the neighbors to wander through! In the spirit of the season, we’re offering our own Trick or Treat challenge – PCAP style. Take a stroll through this capture file and see if you can find the 5 hidden “pumpkins” that we’ve placed in there for you!

Read the whole entry »

Thursday, Sep 7, 2017

Malware Analysis Webinar Challenge

Thanks to those who participated in our latest Challenge! You can watch the webinar walkthrough here: We’ve been a big fan of They have a huge archive with cool examples of malicious network attacks and malware attempts, and do a great job taking even newbies through the examples. We wanted to bring one of those examples to our users to see how to solve it in CloudShark.

Read the whole entry »

Friday, Aug 26, 2016

Solutions: The Big Byte Capture Challenge

Every summer the devs here at CloudShark engage in a “Summer Coding Challenge” to flex their programming muscles and relive the glory (horror?) days of computer science homework. It just so happens that one of those challenges this year made a great packet capture challenge for you CloudShark fans! We got a lot of great answers - we have some of those solutions below, but if you don’t want it spoiled and want to try the capture for yourself, here it is:

Read the whole entry »

Wednesday, Nov 25, 2015

CloudShark 2015 Thanksgiving Capture Challenge

Since we’ve launched CloudShark Online Accounts, we wanted to celebrate with a special Thanksgiving capture challenge. While most of us in the U.S. will be enjoying hefty helpings of turkey, mashed potatoes, and squash, a select few will be reveling in the magical wonder that is the “Turducken”. Never heard of turducken? It’s exactly what it sounds like: a chicken, wrapped in a duck, wrapped in a turkey, filled with stuffing and sausage and baked to perfection.

Read the whole entry »

Tuesday, Nov 25, 2014

Packet Capture Challenge - Attacking a Secure Wifi Connection

This challenge is complete! Try it yourself or scroll to the solution below. It’s been awhile since we’ve had a good old fashioned packet capture challenge here at CloudShark. In preparation for our upcoming webinar on packet capture and analysis in wireless networks, we thought we’d throw out a challenge involving a would-be malicious attacker trying to gain access to a secured wifi network. The Challenge Take a look at this capture.

Read the whole entry »

Monday, Oct 7, 2013

Solved: Run-By Capture Challenge - Something Strange with Multicast

This packet challenge has concluded! Read on for the solution, or check out the original challenge below! The Solution A few folks spotted the issue with multicast packets #4 and #6. Normally, IP layer multicast packets also use a layer 2 multicast destination MAC address. But the multicast packets in this capture are using a unicast destination address. What is going on here? It turns out that this capture was generated in a wireless network.

Read the whole entry »

Tuesday, Apr 9, 2013

Packet Capture Challenge 7 - Deep, Deep Packets

Haven’t got one of our snazzy CloudShark P-Caps yet? Well, how good are your dissector skills? One of the tools we added in CloudShark 1.7 is the protocol hierarchy tool. Similar to that found in Wireshark, the CloudShark protocol hierarchy tool also lets you click on a given protocol and automatically creates a filter for you based on the packets called out in the hierarchy. Which, you got to admit, is pretty cool.

Read the whole entry »

Thursday, Dec 13, 2012

Solution - Packet Capture Challenge 6

This capture challenge has concluded! Thank you for all of your answers! You can find the solution below, or try the challenge for yourself. The Challenge Happy Holidays from CloudShark! We’ve had a lot of new followers and users of in the network security field, so we have a special intrusion capture challenge for you this month. It requires very little description, but you can use CloudShark’s web-based analysis tools and packet view to figure it out.

Read the whole entry »

Thursday, Oct 4, 2012

Solution to Packet Capture Challenge #5 - TCP Fast Open and Home Routers

This challenge is now concluded! Read the solution below or scroll down for the original challenge! The Solution So, what’s going on here? This communication is happening over a home gateway using Network Address Translation, or NAT. This is very common in home networks as it allows a Service Provider to use only one public address to represent many hosts. It also has an interesting side effect of acting as a natural firewall.

Read the whole entry »

Tuesday, Aug 14, 2012

Packet Capture Challenge #4 - Solution

This challenge is now finished! Read the solution below or scroll down to try the challenge for yourself! The Solution CloudShark lets you embed your filters directly in the URL. When we view this packet capture file, we are already brought to the view we want to see: in this case, only DNS and ICMP messages. Why is that? The problem we’re looking to illustrate happens to be an ICMP packet that is tied to a particular DNS response.

Read the whole entry »

Thursday, Jun 28, 2012

Sharkfest Packet Capture Challenge Solution

Thanks to all who participated in the packet capture challenge at Sharkfest 2012! We had a great time at Sharkfest! Here’s the solution, or scroll down to try the challenge yourself! The Solution Many folks showed us different approaches to this challenge. Here is one approach. Visit the HTTP Requests analysis tool for this capture and take a look at the Response Codes tab. The Response Codes graph shows a break down of traffic by HTTP Response code.

Read the whole entry »

Tuesday, Apr 24, 2012

Packet Capture Challenge #3 - Solution

This challenge is over! You can find the solution below. First off, thanks to everyone who sent in a solution. The solution is posted here, or try the challenge yourself below! The Solution Unlike past challenges, this challenge involves multiple capture files with two SIP clients attempting a VoIP call behind a SIP aware router. The first capture was taken on the LAN side of the router. The second capture was taken on the WAN side of the router.

Read the whole entry »

Tuesday, Apr 3, 2012

Packet Capture Challenge #2 - Solution

This challenge is over for now. You can find the solution below! First off, thanks to everyone who sent in a solution. Joe shows us the solution on Youtube, or try the challenge yourself below! The Challange We are having another Packet Capture Challenge to celebrate the release of CloudShark 1.4. If you can answer the question below, send an email to with your address and Tee-Shirt size, we’ll send out a CloudShark tee shirt to the first 10 correct responses we receive.

Read the whole entry »

Tuesday, Mar 20, 2012

Packet Capture Challenge #1 - The Solution

This challenge is over! You can find the solution below. First off, thanks to everyone who sent in a solution to this packet capture challenge. Some of you told us the challenge was too easy. Don’t worry. They’ll get harder. Watch Joe show you the solution from a cafe in downtown Portsmouth, NH, or try the challenge for yourself below! The Challange Ok, gather around packet geeks. Take a look at this capture session.

Read the whole entry »



About Us

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: