This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

i have a wireshark result. there is a connection between A and a server. During this connection server repeatedly sends ACK=202 and correct seq of the data, A is sending seq =202 with correct ACK and len=0. At the end A has received many data but server has only packet with seq=202 which its length is 0.

TCP disconnection, instead of sending FIN to Server, A sends RST to Server. I want to know that is it a malware? if it is a malware what is its target or it is what kind of malware?

thanks for your consideration

asked 24 May '15, 13:36

samira's gravatar image

samira
6557
accept rate: 0%

closed 24 May '15, 14:03

grahamb's gravatar image

grahamb ♦
19.8k330206

The question has been closed for the following reason "Duplicate Question" by grahamb 24 May '15, 14:03

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×1,620
×27

question asked: 24 May '15, 13:36

question was seen: 955 times

last updated: 24 May '15, 14:03

p​o​w​e​r​e​d by O​S​Q​A