Death of Security: Breached Hosts/Stolen Data/IP Espionage

Download this episode

Download Video

Description

Using Wireshark, the world’s most popular network analyzer, Laura delves into network communications from suspect hosts -- hosts that have been compromised and hosts that are performing a variety of discovery processes to locate potential targets. The traffic may include evidence of scanning processes to and from suspect hosts, access to Command and Control (C&C) servers, traffic to suspect locations and unusual data flow patterns. Sharing case studies of various compromises that have occurred in the last 12 months, Laura customizes traffic views to highlight some of the blatant indications of malicious activity such as unacceptable SMB Process High ID values, botnet phone home communications, poisoning/redirection and more.

Day:

2

Code:

SIA335

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.