Project Description
Our organisation runs a geographically-distributed Wide Area Network and I want independent confirmation that the data moving across it cannot be intercepted, decoded, or manipulated. The engagement is limited to traffic analysis and sniffing on the live WAN links; firewall rule-sets and router configurations are out of scope unless you discover something during capture that clearly ties back to them.
Scope
• Perform lawful, ethical interception of packet flows on agreed WAN segments.
• Analyse captured traffic for clear-text credentials, session fixation, protocol misconfiguration, or other weaknesses that could lead to privilege escalation or data leakage.
• Attempt non-disruptive proof-of-concept exploits only where traffic analysis indicates a realistic attack path.
Please rely on industry-standard tooling—think tcpdump, Wireshark, Zeek, Scapy—or equivalent solutions you already trust, and document every step so findings can be reproduced internally.
Deliverables
1. Executive summary highlighting risk level and business impact.
2. Technical report with methodology, tool versions, timestamps, and decoded traffic samples.
3. PCAP files (sanitised where necessary) plus any scripts used.
4. Prioritised remediation recommendations mapped to the issues discovered.
Acceptance criteria: the report must allow our internal security team to replicate at least one of your findings within 48 hours using only the documentation you provide.
Engagement can start as soon as we exchange the necessary NDA and you receive the approved maintenance window schedule.