Wireshark mailing list archives

Re: Need filters

From: "David H. Lipman" <DLipman () Verizon Net>
Date: Wed, 23 Jun 2010 06:49:29 -0400

From: "bart sikkes" <b.sikkes () gmail com>

Thanx!

I passed on your comment.  Maybe what I should do next is point him to this News
group.


| and what if the malware uses the port(s) you are going to exclude?
| specially with malware i would be careful with what you call noise,
| that noise can be used to hide the malware.

| bart

Good point but, after a while of examining malware communications you get a good feel for 
what they don't do.

-- 
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp 



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

Re: Need filters David H. Lipman (Jun 22)
- Re: Need filters Guy Harris (Jun 22)
  - Re: Need filters David H. Lipman (Jun 22)
    - Re: Need filters Guy Harris (Jun 22)
    - Re: Need filters David H. Lipman (Jun 22)
    - Re: Need filters bart sikkes (Jun 22)
    - Re: Need filters David H. Lipman (Jun 23)
    - Re: Need filters M K (Jun 27)
    - Re: Need filters David H. Lipman (Jun 27)
    - Which is the stable version for wireshark ? Reddy Nagendra-GKTC37 (Jun 27)
    - Re: Which is the stable version for wireshark ? Jaap Keuter (Jun 27)
    - Re: Which is the stable version for wireshark ? Reddy Nagendra-GKTC37 (Jun 27)
    - Re: Need filters David H. Lipman (Jun 23)
    - Re: Need filters Jaap Keuter (Jun 23)
    - Re: Need filters David H. Lipman (Jun 23)
    - Re: Need filters Guy Harris (Jun 23)
    - Re: Need filters David H. Lipman (Jun 23)

(Thread continues...)