An analyst was given a PCAP file, which is associated with a recent intrusion event in the company FTP server Which display filters should the analyst use to filter the FTP traffic?
The correct display filter for analyzing FTP traffic in a PCAP file is “tcp.port==21”. This filter will show all TCP packets where the port number is 21, which is the standard port for FTP control messages.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit