Troubleshooting : TS2 (new updates)
Diagnostics : H3
Configuration : H2+
Troublshooting - TS2
Recommendations: Strategize your troubleshooting techniques
Diagnostics - H3
No suprises here. Same as SPOTO.
In the 1st part, seq number was 133 for DHCP discovery packet with source 0.0.0.0. Use 'bootp' here.
In the 2nd part, Server was 10.1.1.1 and Attacker was 10.1.1.2. Use tcp.port==1337 here.
Configuration - H2+
Almost same as SPOTO.
Recommendation: Understand the topology and traffic flow very well