Chapter 5. Inspecting Malware Traffic
Malware is any software with malicious intent, and the term generally covers viruses, worms, Trojans, spyware, adware, ransomware, and the like, all names we hear far too often (unfortunately). Analyzing such a piece of software to understand how it works, the files it affects, its unique signatures, and the harm it may cause to a system is called malware analysis. Malware analysis is a different ball game with its own set of tools, and it is not what we'll be digging into in this lesson; here we look at what malware reveals about itself on the wire. In this chapter, we will focus on the following:
- Analyzing malicious traffic using Wireshark and some common sense
- Important pointers for nailing down any malware on the network
- Understanding how bots communicate over IRC
- Specifics to look for while analyzing malicious IRC communication
The first question that might pop up in your head is "Why do I need to inspect malware traffic when my anti-virus and other solutions with the 'blinking lights'...