You are a network administrator working for XYZ Hospital. Your manager has received reports that the hospital's records server is not working. Users attempting to access the records report that they have received a message that they are unable to connect to the server. Your IT manger asks you to investigate the situation, analyze the potential cause or causes of the service disruption, suggest solutions, outline their limitations and discuss the potential further impact on social stability. You must detail your findings in a report.
1.1 Preliminary investigation
You confirm the interrupted service issue by attempting accessing records from your system. The error message is displayed. Following this, you decide to perform some basic troubleshooting. You attempt to login into the server using the IP address 200.200.1.77 remotely, which is unsuccessful. Based on this preliminary investigation, you suspect there may be a problem with the records server. You wonder what has gone wrong, and whether an attack has taken place. You must investigate further, so that you understand what happened and can suggest appropriate solutions. Please be aware this is just a scenario. The IP address 200.200.1.77 are not linked to any real website.

 

  

No. Time 1 0.000000 2 0.357813 3 0.358720 4 0.359507 5 0.360381 6 0.361182 7 0.361962 8 0.362726 9 0.363555 10 0.364326 11 0.365094 12 0.365883 13 0.366758 14 0.367661 15 0.368709 16 0.369472 17 0.370297 18 0.371130 19 0.371888 20 0.372748 Source 51.142.253.91 246.160.37.73 53.128.129.15 126.79.12.119 230.185.60.16 20.247.134.114 242.168.51.119 62.171.3.32 74.55.63.122 238.227.214.84 205.245.31.84 161.53.118.5 116.20.129.68 240.28.34.117 116.228.172.93 119.27.2.32 8.29.40.64 87.123.82.40 215.175.235.78 253.98.102.67 Destination 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 200.200.1.77 | Protocol | Length | Info ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP ICMP 74 Echo (ping) request id=0x0001, seq=19/4864 id=0x0001, seq=20/5120 id=0x0001, seq=21/5376 id=0x0001, seq=22/5632 id=0x0001, seq=23/5888 id=0x0001, seq=24/6144 id=0x0001, seq=25/6400 id=0x0001, seq=26/6656 id=0x0001, seq=27/6912 id=0x0001, seq=28/7168 id=0x0001, seq=29/7424 id=0x0001, seq=30/7680 id=0x0001, seq=31/7936 id=0x0001, seq=32/8192 id=0x0001, seq=33/8448 id=0x0001, seq=34/8704 id=0x0001, seq=35/8960 id=0x0001, seq=36/9216- id=0x0001, seq=37/9472 id=0x0001, seq=38/9728 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request 74 Echo (ping) request > Frame 1: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) > Ethernet II, Src: 46:cf: 6a:19:df:c6 (46: cf: 6a:19:df:c6), Dst: Arcadyan_cc:87:5c (bc:30:d > Internet Protocol Version 4, Src: 51.142.253.91, Dst: 200.200.1.77 > Internet Control Message Protocol 0000 bc 30 d9 cc 87 5c 46 cf 0010 00 3c 78cd4200 001140 c01 0020 01 4d 08, 00 17 meb 00 01 0030 00 00 00 00 00 00 00 00 0040 00 00 00 00 00 00 00 00