From the course: Wireshark: Malware and Forensics
Evaluating Trojan behavior - Wireshark Tutorial
Evaluating Trojan behavior
- [Instructor] Many of us are on the internet, surfing, shopping, banking, or simply watching YouTube videos. While you're on the internet, you may be a victim of a drive-by download. Some malicious software has made its way onto your system and taken up residency. You may not even be aware of this until at some point your system starts exhibiting unusual or suspicious behavior. I have this packet capture here where there was some unusual or suspicious activity on the network and at the endpoint. Now, taking a look at this, you might not see anything that stands out. That's common. You'll have to dig deeper. What I commonly do is go to Statistics and Conversations. Once I'm in there, I'll take a look at UDP. I'll take a look at UDP and I'll do a sort on the ports, and then I'll cross-reference and look up the ports to see if there's anything associated with malware. I didn't really see anything. And I'll also look at TCP ports as well. Now, one thing I'll do is take a look at the…