Revision history [back]

How do we filter out the malware attackers ip from incoming and outgoing traffic in Wireshark?

Hi,

I want to know How do we filter out the malware attacker IPs from incoming and outgoing traffic in Wireshark? Actually, I want to use Wireshark in our production environment to monitor and analyse the incoming and outgoing traffic. And if there is some malware or any kind of suspicious traffic, then in that situation, I want from Wireshark that: a. Filter out the malware and suspicious incoming traffic. b. categorise and store it in a different log file and provide some kind of alert or notification, like there is some malware attack like this.

So, how can I achieve this, and is it possible to do it in Wireshark? Please let me know as soon as possible.

Thanks! Khushboo Kumari

How do we filter out the malware attackers ip from incoming and outgoing traffic in Wireshark?

~~Hi,~~Hi,

I want to know How do we filter out the malware attacker IPs from incoming and outgoing traffic in Wireshark? Actually, I want to use Wireshark in our production environment to monitor and ~~analyse~~ analyze the incoming and outgoing traffic. And if there is some malware or any kind of suspicious traffic, then in that situation, I want from Wireshark that: a. Filter out the malware and suspicious incoming traffic. b. ~~categorise~~ categories and store it in a different log file and provide some kind of alert or notification, like there is some malware attack like this.

So, how can I achieve this, and is it possible to do it in Wireshark? Please let me know as soon as ~~possible.~~

possible. a Thanks! Khushboo Kumari