Ethereal

Re: [Ethereal-users] looking for virus or spamming
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: December 2005

 

can try looking for all dns request that do NOT have an A or PRT record
you can compair to some black hole files
 
 
>>>jlmiller@xxxxxxxxxxxxxxxxxx 12/04/05 8:06 pm >>> 
I'm currently looking at a gateway server that seems to have a awful lot
of DNS requests and ARP requests.  Not sure if this is correct, but is
there a way to home in on virus and spam checking?  I eliminate all
valid traffic, but I would like to know if there are certain packets I
can look for.  I know this is huge area, if there is something I can
look for trim the search I would appreciate it. 
 
Thanks 
 
Jon 
 
 
Ethereal-users mailing list 
Ethereal-users@xxxxxxxxxxxx 
http://www.ethereal.com/mailman/listinfo/ethereal-users

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.