Malware that evades Wireshark!?

Status
Not open for further replies.

lyecdevf

I browse the net through a limited account and I use open source software most of the time. I do not use an AV, so I rely heavily on Wireshark, but what if malware evades Wireshark?

Mebroot can then steal any information it likes and send it to a remote server via HTTP. Network analysis tools such as Wireshark won't notice the data leaking out since Mebroot hides the traffic, Erasmus said.

So what could I use to be 100% sure? I do not know of any other sniffing programs that work as well.
 
I would think you could attach a hub and run Wireshark in promiscuous mode. The hub will always forward all traffic to all ports. Wireshark in promiscuous mode will display all traffic.

This is dependent on how the traffic is hidden, though.
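
Added example, not part of the original posts: a cross-view check that compares what the suspect machine's own capture shows with what a second machine on the hub recorded, and lists flows from the suspect host that appear only on the wire. It assumes both captures cover the same time window and were exported as `src_ip<TAB>dst_ip<TAB>dst_port` rows; the function names and sample addresses are constructed for illustration.

```python
from collections import Counter

# Constructed sample rows: src_ip<TAB>dst_ip<TAB>dst_port (documentation address ranges).
HOST_VIEW = "\n".join([
    "192.0.2.10\t198.51.100.5\t443",
    "192.0.2.10\t198.51.100.5\t443",
    "192.0.2.10\t198.51.100.9\t80",
])
TAP_VIEW = "\n".join([
    "192.0.2.10\t198.51.100.5\t443",
    "192.0.2.10\t198.51.100.5\t443",
    "192.0.2.10\t198.51.100.9\t80",
    "192.0.2.10\t203.0.113.7\t80",   # on the wire, missing from the host's view
    "192.0.2.10\t203.0.113.7\t80",
    "192.0.2.11\t198.51.100.9\t80",  # another machine on the hub, ignored
    "192.0.2.10\t198.51.100.1\t",    # row without a port, skipped
])

def parse_flows(text):
    """Count packets per (src, dst, dst_port) flow; malformed rows are skipped."""
    flows = Counter()
    for line in text.splitlines():
        parts = line.strip().split("\t")
        if len(parts) != 3 or not parts[2].isdigit():
            continue
        flows[(parts[0], parts[1], int(parts[2]))] += 1
    return flows

def hidden_flows(host_text, tap_text, host_ip):
    """Flows sent by host_ip that the external capture saw and the host capture did not."""
    host = parse_flows(host_text)
    tap = parse_flows(tap_text)
    return sorted(
        (flow, count) for flow, count in tap.items()
        if flow[0] == host_ip and flow not in host
    )

if __name__ == "__main__":
    for (src, dst, port), count in hidden_flows(HOST_VIEW, TAP_VIEW, "192.0.2.10"):
        print(f"{src} -> {dst}:{port} seen {count}x on the wire only")
```

Packets dropped by the on-host capture under load can also show up as wire-only flows, so a hit is a lead to investigate, not proof of hidden traffic.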
 