Wireshark

What's the best way to setup a home network? Why should I care about BGP?

Wireshark

Post by tsiric17 on Sun Apr 15, 2012 5:03 am
([msg=65708]see Wireshark[/msg])

Hello fellow hackers !

I need some help and since i didnt know where else to post this im posting it here. Besides there are more experienced hackers here then any other sites i know of...

Anyway my problem is my dorms network... Someones computer cought a worm and now its spreading through the network and "killing" our download speed... The network administrator said he cant do anything but that we can use wireshark to check for suspicious traffic. The thing is i dont have a lot of experience with wireshark so could anyone explain to me how to use it to find the worm? I also have Cain and Abel and Nmap if it helps. Im preety sure my computer is not the problem because i have antivirus and i ran my backup as soon as i found out. :/

thx in advance :)
tsiric17
New User
New User
 
Posts: 5
Joined: Wed Mar 14, 2012 8:12 am
Blog: View Blog (0)


Re: Wireshark

Post by pretentious on Tue Apr 17, 2012 3:01 am
([msg=65719]see Re: Wireshark[/msg])

tsiric17 wrote:The network administrator said he cant do anything but that we can use wireshark to check for suspicious traffic

Isn't that the network administrators job? Anyway i don't knnow about the specific situation but what exaclty are you not sure about? I thought wireshark was pretty easy to figure out, just a matter of sniffing the right interface and having some idea what you're looking for, in your case, suspicious traffic.
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
pretentious wrote:Welcome to bat country
User avatar
pretentious
Contributor
Contributor
 
Posts: 655
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: Wireshark

Post by tsiric17 on Tue Apr 17, 2012 7:33 am
([msg=65720]see Re: Wireshark[/msg])

Well, obviously it isnt, because he isnt doing a damn thing... :/
Anyways the whole thing is now resolved as this morning the internet was fixed ( they say it was something to do with people connecting to the network with their smartphones)

Ill try to learn a bit more about wireshark for future situations
tsiric17
New User
New User
 
Posts: 5
Joined: Wed Mar 14, 2012 8:12 am
Blog: View Blog (0)


Re: Wireshark

Post by LoGiCaL__ on Wed Apr 18, 2012 7:27 am
([msg=65749]see Re: Wireshark[/msg])

If your using windows I would make sure your c:\ drive isn't able to be shared, and your remote registry and telnet services are disabled. Just in case the worm decides to return.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1060
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)


Re: Wireshark

Post by tsiric17 on Mon Apr 23, 2012 10:52 am
([msg=65932]see Re: Wireshark[/msg])

LoGiCaL__ wrote:If your using windows I would make sure your c:\ drive isn't able to be shared, and your remote registry and telnet services are disabled. Just in case the worm decides to return.



Turns out it wasnt a worm like it was originally thought. The problem was that people were connecting with their smartphones to the wireless network through a program called connectify ( i think, might be a website im not sure), which kept sending apr packets to everyone on the network, whetever we were using it or not... :/ but thx anyway :)
tsiric17
New User
New User
 
Posts: 5
Joined: Wed Mar 14, 2012 8:12 am
Blog: View Blog (0)


Re: Wireshark

Post by LoGiCaL__ on Mon Apr 23, 2012 11:15 am
([msg=65933]see Re: Wireshark[/msg])

You should mention to the network admin that their should be mac address filtering on the router. Not that it would be hard to spoof. However, it should cut down the amount of users connecting with that app.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1060
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)



Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests