TCP/IP Packet Analysis of Zeus Botnet

With all of the news of Kneber and Zeus, have you wondered what their traffic looks like?

The Zeus botnet and its Kneber variant have made headline news lately. These botnets are known for their fault-tolerant command and control servers and their ability to steal financial and login credentials.

This post is more for our readers who know TCP/IP communication very well. The packet analysis gurus over at have made available three packet capture samples of the Zeus Botnet communicating with an infected machine.

This will come in handy for any computer security specialist who needs to know what Zeus Botnet traffic looks like. These sample files are in .pcap format and can be opened with Wireshark, tcpdump or any other packet capture reader program.


