kiowa's profile - activity

2022-05-27 01:23:44 +0000 received badge  Famous Question (source)
2021-02-18 15:18:40 +0000 answered a question UDP Port 889 Broadcast (ip.ttl "Time to Live" only 1)

I use cFos and have the same traffic. Thanks for the pcap, 'cause I was searching for info on 889. Yesterday, I fo

2020-10-26 22:30:55 +0000 received badge  Notable Question (source)
2020-09-20 15:23:03 +0000 received badge  Popular Question (source)
2019-12-13 04:21:14 +0000 received badge  Popular Question (source)
2018-07-23 15:24:07 +0000 marked best answer llmnr malicious domain

I've captured a compromised system. I filter llmnr and found a collection of suspicious results. Some of the requests are sent to domains with mixed characters, such as "kdonszushlwi" or "ytdfgejjknsc". What are these?

2018-07-23 15:24:07 +0000 received badge  Scholar (source)
2018-07-23 15:23:42 +0000 answered a question llmnr malicious domain

I resolved the issue. It was a false-positive. Investigating further I found the users were on thin-clients. The NIC card

2018-07-22 02:27:10 +0000 commented answer llmnr malicious domain

That is what I'm seeing. However, in Squert there is a hit for a p2p thunder.xunelei. I'm looking for traffic that can sh

2018-07-21 01:49:49 +0000 asked a question llmnr malicious domain

llmnr malicious domain I've captured a compromised system. I filter llmnr and found a collection of suspicious results.

2018-07-10 17:33:48 +0000 commented answer handling 150mb pcaps

Thanks Jasper. I just read about TraceWrangler in a Wireshark book. I'm going to look into this. Can Wireshark combine mu

2018-07-10 17:29:58 +0000 commented answer handling 150mb pcaps

Yea, save filters are very great for things like broadcasts, but when you have 10 pcaps you need to investigate bc you n

2018-07-10 02:13:07 +0000 asked a question handling 150mb pcaps

handling 150mb pcaps I'm looking for feedback or best practices, or just approaches the community takes with dealing wit