Thursday, April 30, 2015

REMnux Tutorial-4.1: Datagrams, Fragmentation & Anomalies

      REMnux: A Linux Toolkit for Reverse-Engineering and Analyzing Malware

      It is a free, lightweight Linux toolkit (Ubuntu distribution) for reverse-engineering malicious files.

      REMnux provides a collection of some of the most common and effective tools used for
      reverse-engineering malware, in categories such as:

      1) Investigate Linux malware
      2) Statically analyze Windows executable files
      3) Examine file properties and contents
      4) Multiple sample processing
      5) Memory snapshot examination
      6) Extract and decode artifacts
      7) Examine documents
      8) Browser malware examination
      9) Network utilities

      REMnux Tutorial 4.1 explains the OSI layers, the Internet Protocol (IP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP). It focuses on protocol headers and the interpretation of the various header fields. It further describes how to detect malicious datagrams, the behavior of packet-filtering systems, and anomalies caused by fragmentation.

Click here to access my PPT slides.
       A video presentation explaining the slides will be posted soon!
       Thanks for visiting my blog!
