General Advice on Wireshark Examples
- Pay attention to what Wireshark columns are used. They are not all the same, nor ordered the same.
- These are very “clean” captures. Even without display filters, there is little to no other traffic.
- Some things aren't what they seem; for example, why are ICMP requests left unanswered? Malware analysis requires a good deal of investigation.
- Much more can be gleaned from a capture; for example, try other columns or open Analyze ⇨ Expert Information.
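As an added example (not part of the original page), the following script turns the "unanswered ICMP requests" question above into a repeatable check. It assumes the capture has been exported with `tshark -r capture.pcap -Y icmp -T fields -e frame.number -e ip.src -e ip.dst -e icmp.type -e icmp.ident -e icmp.seq` and parses that tab-separated output; the sample lines embedded below are constructed to mimic that format, not taken from a real capture. The function names (`parse_tshark_fields`, `unanswered_echo_requests`, `unanswered_by_destination`) are this example's own.

```python
"""Find ICMP echo requests in a capture that never receive an echo reply.

Input is the tab-separated text produced by:
  tshark -r capture.pcap -Y icmp -T fields \
      -e frame.number -e ip.src -e ip.dst -e icmp.type -e icmp.ident -e icmp.seq
"""

# Column order must match the -e options given to tshark.
FIELDS = ("frame.number", "ip.src", "ip.dst", "icmp.type", "icmp.ident", "icmp.seq")

ICMP_ECHO_REPLY = 0
ICMP_ECHO_REQUEST = 8

# Constructed sample output (hypothetical hosts, not a real capture):
# 10.0.0.5 pings 192.0.2.10 twice and 198.51.100.7 once; only the first
# request is answered.
SAMPLE_TSHARK_OUTPUT = """\
1\t10.0.0.5\t192.0.2.10\t8\t4660\t1
2\t192.0.2.10\t10.0.0.5\t0\t4660\t1
3\t10.0.0.5\t192.0.2.10\t8\t4660\t2
4\t10.0.0.5\t198.51.100.7\t8\t4660\t1
"""


def _to_int(value):
    """Parse a numeric tshark field; tolerates hex ('0x1234') and decimal."""
    return int(value.split()[0], 0)


def parse_tshark_fields(text):
    """Turn tshark -T fields output into a list of dicts keyed by field name.

    Rows with a missing or empty column (e.g. non-ICMP frames if the display
    filter was omitted) are skipped rather than crashing the analysis.
    """
    records = []
    for line in text.splitlines():
        cols = line.rstrip("\n").split("\t")
        if len(cols) != len(FIELDS) or any(c == "" for c in cols):
            continue
        rec = dict(zip(FIELDS, cols))
        for key in ("frame.number", "icmp.type", "icmp.ident", "icmp.seq"):
            rec[key] = _to_int(rec[key])
        records.append(rec)
    return records


def unanswered_echo_requests(packets):
    """Return echo-request records that have no matching echo reply.

    A reply matches a request when it flows in the reverse direction and
    carries the same ICMP identifier and sequence number, which is how the
    sending host itself pairs them up.
    """
    seen_replies = set()
    for p in packets:
        if p["icmp.type"] == ICMP_ECHO_REPLY:
            # Key is expressed from the requester's point of view.
            seen_replies.add((p["ip.dst"], p["ip.src"], p["icmp.ident"], p["icmp.seq"]))

    unanswered = []
    for p in packets:
        if p["icmp.type"] != ICMP_ECHO_REQUEST:
            continue
        key = (p["ip.src"], p["ip.dst"], p["icmp.ident"], p["icmp.seq"])
        if key not in seen_replies:
            unanswered.append(p)
    return unanswered


def unanswered_by_destination(packets):
    """Count unanswered requests per destination.

    A destination that never answers is worth a closer look: it may be a
    dead or firewalled host, or a sample probing for a sinkholed server.
    """
    counts = {}
    for p in unanswered_echo_requests(packets):
        counts[p["ip.dst"]] = counts.get(p["ip.dst"], 0) + 1
    return counts


if __name__ == "__main__":
    pkts = parse_tshark_fields(SAMPLE_TSHARK_OUTPUT)
    for p in unanswered_echo_requests(pkts):
        print(f"frame {p['frame.number']}: {p['ip.src']} -> {p['ip.dst']} "
              f"id={p['icmp.ident']} seq={p['icmp.seq']} unanswered")
    print(unanswered_by_destination(pkts))
```

Run it against real tshark output by piping the command from the docstring into the script and replacing `SAMPLE_TSHARK_OUTPUT` with `sys.stdin.read()`; the destination summary is the quickest way to spot which host in a clean malware capture is silently absorbing pings.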