Deconstructing a Webserver attack

Thursday, 7 May 2009, 8:31 AM EST

I was looking for a good example to highlight two very useful and often overlooked features of Wireshark: the flexibility of tshark and the tool suite’s HTTPS/SSL decryption capability.

The following example covers both, and goes a bit further to describe one way of investigating an attack to assess the likelihood of compromise. While contrived, make no mistake about it, this is reflective of a real-world attack seen recently, later linked to sophisticated adversaries.

At SANS.

[ Read more ]




Spotlight

Banking botnets persist despite takedowns

More than 90 percent of all Trojans targeted financial institutions located in US, followed by the UK, Germany, Italy, Spain and Australia.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Apr 24th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //