How to monitor FBHOLE worm with Capsa network analyzer
We provide some tips on monitorring FBHOLE worm. In this article, we specificlly provide a step by step guide on how to build a fileter and monitor FBHOLE worm with Capsa network analyzer.
1. On the Start Page, click Packet Filter Settings link to open the Filter dialog box, which organizes all the filters.
2. Click the Add button (on the bottom-left corner of the dialog box) to build a new filter.
3.In the new window, choose Advanced Filter tab. And click the And icon. Choose Content from the context menu.
4. In the Pattern Rule window, just enter keyword: fbhole.com in the Pattern text box. Then click OK to close the window.
5. Click OK again to close the Packet Filter window.
6. Check the Accept checkbox of the filter just built which enables the program only capture the packets containing keyword “fbhole.com”.
7. Click OK and then start a capture.
8. If there is already a project running, you’d better stop it to build the filter and restart the capture. To build a filter in a running project: click the Filter button on the Ribbon. You will also see the Filter dialog box as well.