Wireshark Tip 4: Spot suspicious traffic in the protocol hierarchy
Channel | Publish Date | Thumbnail & View Count | Download Video |
---|---|---|---|
Laura Chappell | 2013-07-20 19:21:34 | 102,670 Views |
This tip was released via Twitter (@laurachappell). If you suspect a host has been compromised, always open the Protocol Hierarchy window. Look for unusual applications (such as IRC or TFTP) or the dreaded /"data/" directly under IP, TCP or UDP.
Please take the opportunity to connect and share this video with your friends and family if you find it helpful.