DinoTools / dionaea

Home of the dionaea honeypot
https://dionaea.readthedocs.io/
GNU General Public License v2.0

Make pcap file from dionaea #137

Open jjjan opened 6 years ago

jjjan commented 6 years ago

Hello, does dionaea save a pcap file for all packets? If yes, how can I enable it?

If there isn't any related module, could you add it?

jjjan commented 6 years ago

@3skr0 OK. Where is it? And any answer for the result?

phibos commented 6 years ago

Capturing raw connections as a pcap file is currently not possible. But can you explain the details behind your idea? What information would you like to extract from the pcap file?

zenire commented 6 years ago

pcap files are very useful to transfer as forensic evidence to police/government.

phibos commented 6 years ago

What about encryption? Dionaea uses bistreams to dump the decrypted content of a connection to disk. Is this an option or do you need both?

jjjan commented 6 years ago

@phibos

1. What types of encrypted connections are decrypted by Dionaea? How can we analyze that?
2. pcap is useful for finding more evidence in analysis.
3. Could you add x64 shellcode decoders? Now we have just x86.
4. Is there a way to disable WannaCry malware captures? It's annoying and there is lots of duplicate data.

jjjan commented 6 years ago

@phibos any answer for those questions?