A drive-by download occurs when browsing the internet, and can result in a malware infection. Lisa Bock steps through an investigation that points to trojan activity, and possibly other malware on the system.
- [Female Announcer] Many of us are on the internet, surfing, shopping, banking, or simply watching YouTube videos. While you're on the internet, you may be a victim of a drive-by download. Some malicious software has made its way onto your system and taken up residency. You may not even be aware of this until, at some point, your system starts exhibiting unusual or suspicious behavior.
I have this packet capture here, where there was some unusual or suspicious activity on the network and at the endpoint. Now taking a look at this, you might not see anything that stands out. That's common, but you'll have to dig deeper. What I commonly do is go to statistics and conversations. Once I'm in there, I'll take a look at UDP.
I'll take a look at UDP and I'll do a sort on the ports, and then I'll cross-reference and look up the ports to see if there's anything associated with malware. I didn't really see anything, and I will also look at TCP ports as well. Now one thing I'll do is take a look at the top talker, by sorting by bytes.
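The conversation statistics and the sort by bytes described in the transcript can also be computed directly from a capture file. The following is an added example, not part of the course material: it groups TCP and UDP packets into direction-independent conversations and ranks them by total bytes. All function names are hypothetical, the sample capture is constructed inline with documentation addresses, and only classic little-endian pcap files with Ethernet/IPv4 frames are assumed.

```python
import struct
from collections import defaultdict

def conversations(pcap: bytes):
    """Packets and bytes per TCP/UDP conversation (classic little-endian pcap, Ethernet/IPv4)."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    stats = defaultdict(lambda: [0, 0])          # key -> [packets, bytes]
    off = 24                                     # skip the pcap global header
    while off + 16 <= len(pcap):
        incl_len, orig_len = struct.unpack_from("<II", pcap, off + 8)
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                             # not IPv4
        proto = {6: "tcp", 17: "udp"}.get(frame[23])
        l4 = 14 + (frame[14] & 0x0F) * 4         # Ethernet + IP header length
        frag_off = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF
        if proto is None or frag_off or len(frame) < l4 + 4:
            continue                             # no usable port fields
        sport, dport = struct.unpack_from("!HH", frame, l4)
        a = (".".join(map(str, frame[26:30])), sport)
        b = (".".join(map(str, frame[30:34])), dport)
        key = (proto, *sorted([a, b]))           # same key for both directions
        stats[key][0] += 1
        stats[key][1] += orig_len                # on-the-wire frame length
    return dict(stats)

def top_talkers(pcap: bytes, n: int = 3):
    """Conversations sorted by total bytes, largest first."""
    rows = [(k, p, b) for k, (p, b) in conversations(pcap).items()]
    return sorted(rows, key=lambda r: r[2], reverse=True)[:n]

def _frame(proto, src, dst, sport, dport, payload_len):
    """Constructed Ethernet/IPv4 frame with a zero-filled L4 header and payload."""
    l4 = struct.pack("!HH", sport, dport) + bytes((16 if proto == 6 else 4) + payload_len)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes(src), bytes(dst))
    return bytes(12) + b"\x08\x00" + ip + l4

def sample_pcap():
    """Constructed capture: one DNS exchange, one large HTTP download, one port-443 packet."""
    host, dns, web, tls = (192, 168, 1, 50), (192, 168, 1, 1), (203, 0, 113, 10), (198, 51, 100, 7)
    frames = [_frame(17, host, dns, 53124, 53, 30), _frame(17, dns, host, 53, 53124, 46),
              _frame(6, host, web, 49200, 80, 100), _frame(6, host, tls, 49201, 443, 200)]
    frames += [_frame(6, web, host, 80, 49200, 1400)] * 3
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

Calling `top_talkers(sample_pcap())` puts the port-80 download first, which is the conversation an analyst would open next when looking for the delivery of a drive-by payload.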
- Trends in cyberattacks
- Preventing system compromise
- Analyzing packets
- Using Wireshark
- Creating firewall rules
- Baselining a network
- Using capture filters
- Using a ring buffer
- Handling OSI layer attacks
- Identifying attack signatures
- Using VirusTotal
- Handling unwanted TOR activity
Skill Level: Intermediate
1. Deep Packet Analysis
2. Capture Overview
3. Unusual Traffic
4. Case Studies
Next steps (1m 30s)