|Main Archive Page > Month Archives > wireshark-users archives|
On 10/26/2010 04:43 PM, Maverick wrote:
> Is there anyway in wireshark to figure out from the network traces if
> the machine has firewall installed? Aand if it is installed can I
> determine if it is being updated ?
Well, if you know that certain attack vectors come into that machine, you can
see if and how it responds. That behavior is influenced by a firewall, hence
could be deduced from it.
An update, if done through the captured interface, may be visible when an update
site is accessed.
In short; possible? somewhat, easy? not really.
Sent via: Wireshark-users mailing list <email@example.com>