Re: [offtopic] spyware

["Sheahan, John" <John.Sheahan () priceline com>]

I have seen it use TCP port 80.
I was able to find spyware on my machine when I set my browser proxy settings to use TCP 8080 and then sniffed for all 
traffic trying to use TCP port 80.

From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Boaz Galil
Sent: Friday, February 12, 2010 7:24 AM
To: Community support list for Wireshark
Subject: [Wireshark-users] [offtopic] spyware

Hi experts
I have seen this question on other forum and I was wonder what do you have to say about it.
Does most spyware (built to transfer data from computer A to some other location) use TCP or UDP and why?   My opinion 
without knowing the real statistics is that most spyware are probably using UDP due to the nature of the connectionless 
of this protocol.
Any ideas?
Thanks in advance,


--
Boaz.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe