Wireshark mailing list archives
Re: [offtopic] spyware
From: "Sheahan, John" <John.Sheahan () priceline com>
Date: Fri, 12 Feb 2010 07:55:18 -0500
I have seen it use TCP port 80. I was able to find spyware on my machine when I set my browser proxy settings to use TCP 8080 and then sniffed for all traffic trying to use TCP port 80. From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Boaz Galil Sent: Friday, February 12, 2010 7:24 AM To: Community support list for Wireshark Subject: [Wireshark-users] [offtopic] spyware Hi experts I have seen this question on other forum and I was wonder what do you have to say about it. Does most spyware (built to transfer data from computer A to some other location) use TCP or UDP and why? My opinion without knowing the real statistics is that most spyware are probably using UDP due to the nature of the connectionless of this protocol. Any ideas? Thanks in advance, -- Boaz.
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- [offtopic] spyware Boaz Galil (Feb 12)
- Re: [offtopic] spyware Sheahan, John (Feb 12)