This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Does Wireshark Inform You of Malicious Packets While Scanning?

0

When you have malware infect your network, does Wireshark have any ways of detecting or telling you there are packets transmitting it?

I am still learning how Wireshark works and all its features. :)

Thanks, Eric

asked 26 Jul '12, 14:21

TechnoLion
6113
accept rate: 0%


One Answer:

2

Wireshark is a packet analysis tool and as such will display all captured packets, but does nothing to specifically highlight malware packets. An IDS such as Snort is the tool for that sort of task.

answered 26 Jul '12, 14:24

grahamb ♦
19.8k330206
accept rate: 22%