How to Network Packet Capture on Malware Analysis
Article ID: 171847
Updated On:
Products
Malware Analysis Software - MA
Issue/Introduction
Need network packet capture for troubleshooting on Malware Analysis (MA)
Resolution
To get a network PCAP on MA, do the following with TCPDump
- Log in via SSH as user 'g2', or use the serial console which is already logged in as user g2 (if you do not know g2 user, factory reset is only way to recover it)
- To Start PCAP: # sudo tcpdump <tcpdump options as needed><use the tcpdump -w <filename> to write to file>
- Test the traffic needed
- To Stop PCAP: use CTRL+C
- SCP off box
Feedback
Yes
No
Powered by
