This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

When you have malware infect your network, does Wireshark have any ways of detecting or telling you there are packets transmitting it?

I am still learning how Wireshark works and all its features. :)

Thanks, Eric

asked 26 Jul '12, 14:21

TechnoLion


Wireshark is a packet analysis tool and as such will display all captured packets, but does nothing to specifically highlight malware packets. An IDS such as Snort is the tool for that sort of task.

answered 26 Jul '12, 14:24

grahamb ♦

question asked: 26 Jul '12, 14:21

question was seen: 2,578 times

last updated: 26 Jul '12, 14:24
