Hi I opened a file slammer.pcap but later I checked on virustotal this file is infected. Did my computer get infected because of opening it? I was sure there are just ips and nothing more. I'm using Debian Jessie 8.8 and Wireshark as non-root. asked 08 Jun '17, 04:21 nee4V |
One Answer:
If you opened the pcap in Wireshark (especially on a Linux system with non-root credentials) there is nothing to worry about. Slammer attacks SQL servers over the network, so there needs to be active communication of packets, and just reading them passively in Wireshark doesn't do that at all. You're safe. answered 08 Jun '17, 04:24 Jasper ♦♦ |
Thank you for fast answer, I'm glad.