doomedraven
commented
7 years ago 80, 443 the rest depends of the malware
Open masifpak opened 7 years ago
doomedraven
commented
7 years ago 80, 443 the rest depends of the malware
masifpak
commented
7 years ago What if a malware communicate on unknown ports with its CNC or any URL. We are dumping all communication of Analysis machine , running malware on, hostonly interface. What is ports are not open but malware is trying. Can we get logs of communication on closed ports in reports because we are dump all communication.
doomedraven
commented
7 years ago You should tweak pcap processing for that, but pcaps hace everything
Hi Geeks, I have a situation in which there is a proxy server in front of Cuckoo. We can not open all port for cuckoo to forward traffic of Malware Analysis Machine (Win7) to Internet. I want to know which ports should i open for Cuckoo so that malware can be analyzed properly.