![]() Here’s a Wireshark filter to detect UDP ping sweeps (host discovery technique on layer 4): udp.dstport=7 ![]() If we see a higher volume of such traffic destined to many different IP addresses, it means somebody is probably performing TCP ping sweeping to find alive hosts on the network (e.g. TCP ping sweeps typically use port 7 (echo). This is how TCP ping sweeping looks like in Wireshark: Here’s a Wireshark filter to detect TCP ping sweeps (host discovery technique on layer 4): tcp.dstport=7
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |