Transcript
The Sebek Utility
By Jon Wolgast
Sebek Communication Diagram
Sebek Module Diagram
Sebek Packet Transference
Sebek Packet Header Diagram
Header fields shown in the diagram: Time_sec, Time_usec, PID, UID, FD, Com
Sebek Packet Described
Length and Counter are used if a Sebek record is larger than the standard MTU (1500 bytes) for the LAN. Counter tells what number in the series the packet is, and Length tells how many packets there will be in this one read() call series.
Web Administration Home Page
Key logging
SCP File Transfer
Web Administration Search Page
Example 1
Example 2
The End
• Pictures Obtained From Honeynet.org’s Know Your Enemy: Sebek whitepaper
• www.honeynet.org/papers/sebek.pdf