Malicious broadcast or signal hack: What to look for?

Has anyone used Wireshark to forensically prove a signal hack, for example, a rogue broadcast via TV transmitter or using a Yagi WiFi antenna?

Seems like any data that is conveyed in this way and that is heard/seen on a device should leave some artifact or packet information. Has anyone been able to pin down this type of malicious behavior using Wireshark or some packet filtering process?

Thanks.

punctum
asked 2019-03-07 19:27:50 +0000

1 Answer

Has anyone used Wireshark to forensically prove a signal hack

No, I have not, and based on your assumption to use a TV transmitter, Wireshark is the wrong tool for such an endeavor.

The reasons are:

  1. You need a capture device that is able to capture TV signals.
  2. You need a decoder that can decode 'TV signals'. Wireshark does not have such a decoder.
  3. Wireshark was mainly built to dissect Ethernet/IP packets. While it can dissect a lot of other protocols now, why do you assume that such an uber attacker would use a known encoding scheme when he wants to leak data via a TV signal?

Long story short: I'm sorry, but there is no way to use Wireshark for the type of forensic analysis you described.

Regards
Kurt

Kurt Knochner
answered 2019-03-14 20:06:02 +0000, updated 2019-03-14 20:06:23 +0000