Looking for a filter in wireshark to help locate which computer is associated with the zeroaccess botnet. Or a filter to sort out bots on a network. Common things i should be looking for. Thanks asked 01 Feb '16, 13:22  ghost90 |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
As not everyone here is familiar with zeroaccess botnet characteristic behaviour, can you describe it in free form? The task would then be simplified to translating it into a display filter syntax.