Open jjjan opened 6 years ago
@3skr0 OK. Where is it? And any answer for result?
Capturing raw connections as a pcap file is currently not possible. But can you explain the details behind your idea? What information would you like to extract from the pcap file?
pcap files are very useful to transfer as forensic evidence to police/government.
What about encryption? Dionaea uses bistreams to dump the decrypted content of a connection to disk. Is this an option or do you need both?
@phibos
1- What type of encrypted connection is decrypted by Dionaea? How can we analyze that?
2- pcap is useful for finding more evidence in analysis.
3- Could you add x64 shellcode decoders? Now we have just x86.
4- Is there a way to disable WannaCry malware captures? It's annoying and there is lots of duplicate data.
@phibos any answer for those questions?
Hello, does dionaea save a pcap file for all packets? If yes, how can I enable it?
If there isn't any related module, could you add it?