However, Wireshark can be customized to provide a better view of the activity.įigure 1: Viewing a pcap using Wireshark's default column display. Wireshark's default column is not ideal when investigating such malware-based infection traffic. Malware distribution frequently occurs through web traffic, and we also see this channel used for data exfiltration and command and control activity. Web Traffic and the Default Wireshark Column Display
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |