Forensic Contest #4 released

More information at their site, but here is what they are asking you to find.

1. What was the IP address of Mr. X’s scanner?
2. What type of port scan(s) did Mr. X conduct? Check all that apply:

* TCP SYN
* TCP ACK
* UDP
* TCP Connect
* TCP XMAS
* TCP RST

3. What were the IP addresses of the targets Mr. X discovered?
4. What was the MAC address of the Apple system he found?
5. What was the IP address of the Windows system he found?
6. What TCP ports were open on the Windows system? (Please list the decimal numbers from lowest to highest.)
X-TRA CREDIT (You don’t have to answer this, but you get super bonus points if you do): What was the name of the tool Mr. X used to port scan? How can you tell? Can you reconstruct the output from the tool, roughly the way Mr. X would have seen it?

Deadline is 3/04/10 (11:59:59PM UTC-11) (In other words, if it’s still 3/04/10 anywhere in the world, you can submit your entry.)