Irregular Expressions

Apr 24 2013   8:13PM GMT

New VirusTotal Functionality

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Virus total now allows you to send pcap ( Packet captures ) files directly to them.

Here is one of the examples of what you can send that they provided.

VirusTotal is an excellent tool, and this provides a handy place to send your traffic that you have captured from your network or sandbox for quick analysis.

Just a quick word of caution on sending samples and now pcap files to sites like virus total. While it is handy to have the searchable analysis, remember that anyone can search those results. If you happen to be part of a targeted attack you could be tipping your hand to the attacker. They can be searching sites like this for IP’s and hashes involved in their attack. Once the attacker knows that they have been discovered they could do anything including damaging systems in an effort to cover up.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: