The Official Wireshark Blog

Using Wireshark to track a botnet

Categories: Protocols Security
Tags: botnet mariposa

Security researchers have written a Wireshark dissector that decrypts the command and control protocol used by the Mariposa botnet. More information is available from Palo Alto Networks and Defence Intelligence.

Comments

Comment by ManOnFire on 2009-11-02 08:05:48 +0000

Anyone have a packet capture for mariposa C&C? I would like to test the decryption plugin. Thanks!

Comment by Gerald Combs on 2009-11-04 13:47:55 +0000

You might try contacting Palo Alto Networks or Defence Intelligence. I don’t see any capture file downloads on either site.