Re: [Wireshark-users] Finding out Stats about users machine

From: Jaap Keuter <jaap.keuter_at_nospam>
Date: Tue Oct 26 2010 - 19:20:12 GMT
To: Community support list for Wireshark <wireshark-users@wireshark.org>

On 10/26/2010 04:43 PM, Maverick wrote:
> Is there anyway in wireshark to figure out from the network traces if
> the machine has firewall installed? Aand if it is installed can I
> determine if it is being updated ?
> Thanks
> MAK
>

Hi,

Well, if you know that certain attack vectors come into that machine, you can
see if and how it responds. That behavior is influenced by a firewall, hence
could be deduced from it.
An update, if done through the captured interface, may be visible when an update
site is accessed.

In short; possible? somewhat, easy? not really.

Thanks,
Jaap

___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@wireshark.org?subject=unsubscribe

This message: [ Message body ]
Next message: Jaap Keuter: "Re: [Wireshark-users] Windows 7 and Wireshark any release"
Previous message: Boonie: "Re: [Wireshark-users] Analyzing many pcap files with tshark"
In reply to: Maverick: "[Wireshark-users] Finding out Stats about users machine"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]