From: "Jaap Keuter" <jaap.keuter@xxxxxxxxx>
| Hi,
| You need a display filter?
| Just point and click; point to the packet with the protocol you don't want,
| right-click and add to filter.
| Thanks,
| Jaap
I'm kind of in the middle but here goes...
{ I say I am in the middle because it is not my website. }
This is a web site that accepts malicious samples. The site sandboxes and executes the malicious
samples and then sends a PCAP file of communication and an HTML file of activity.
The PCAP is full of Microsoft "noise" that doesn't have to do with the malware analysis.
The objective is to filter out the noise and generate a PCAP without said noise. That
filtered PCAP and the HTML report are subsequently ZIPped and emailed to the malicious file
submitter.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
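
A batch version of the filtering step described in the message above, added here as an example and not part of the original thread: it builds a negated display filter and has `tshark` write the remaining packets to a new capture file. The protocol list (`nbns`, `nbdgm`, `browser`, `llmnr`, `ssdp`) is an assumption about what the "noise" is, and the function and variable names are hypothetical.

```shell
#!/bin/sh
# Added example. The protocol names are an assumed noise list, not taken
# from the thread; adjust them to what the sandbox's idle capture shows.
NOISE_PROTOCOLS="nbns nbdgm browser llmnr ssdp"

# Build "not (p1 or p2 ...)" from the protocol names given as arguments.
build_noise_filter() {
    [ "$#" -gt 0 ] || { echo "no protocols given" >&2; return 1; }
    filter=""
    for proto in "$@"; do
        # Accept only plain protocol tokens so a bad list entry cannot
        # change the meaning of the filter expression.
        case "$proto" in
            ""|*[!a-z0-9_.]*) echo "bad protocol name: $proto" >&2; return 1 ;;
        esac
        if [ -z "$filter" ]; then
            filter="$proto"
        else
            filter="$filter or $proto"
        fi
    done
    printf 'not (%s)\n' "$filter"
}

# Read capture $1 and write only the packets that do not match the
# noise list to capture $2.
strip_noise() {
    # NOISE_PROTOCOLS is left unquoted on purpose so it splits into words.
    noise_filter=$(build_noise_filter $NOISE_PROTOCOLS) || return 1
    tshark -r "$1" -Y "$noise_filter" -w "$2"
}

# Run only when called as: script.sh input.pcap output.pcap
if [ "$#" -eq 2 ]; then
    strip_noise "$1" "$2"
fi
```

Filtering by protocol name drops every packet of that protocol, including any the sample itself sent, so the list is best checked against a capture of the sandbox running with no sample loaded.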