Packet Analysis

Webinar - How TCP reassembly quirks can be used to hide attacks

1 min read

TCP reassembly differences between tools and operating systems can be used to hide cybersecurity attacks

When analyzing network traffic, we rely on our tools to show us how a TCP stream was reassembled or to give us a list of HTTP websites accessed in a pcap file.

Our own Sr. Technology Specialist, Tom Peterson, spoke at SharkFest US 2019. He had a great experience and wanted to share his talk, “When TCP Reassembly Gets Complicated”, with our CloudShark community.

In this talk, learn how TCP is processed by different OS and tools, and how the differences could be used to hide malicious behavior.

Watch the video of his webinar below.

Get articles like this in your inbox: