i have a wireshark result. there is a connection between A and a server. During this connection server repeatedly sends ACK=202 and correct seq of the data, A is sending seq =202 with correct ACK and len=0. At the end A has received many data but server has only packet with seq=202 which its length is 0. TCP disconnection, instead of sending FIN to Server, A sends RST to Server. I want to know that is it a malware? if it is a malware what is its target or it is what kind of malware? thanks for your consideration asked 24 May '15, 13:36  samira closed 24 May '15, 14:03  grahamb ♦ |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
This seems to be a preliminary duplicate of https://ask.wireshark.org/questions/42643/how-can-i-understand-that-there-is-any-antivirus-or-not