Security Basics mailing list archives

Re: RE: a tool like nestat

From: "Hamish Stanaway" <koremeltdown () hotmail com>
Date: Thu, 09 Sep 2004 07:50:09 +0000

Hi there,

Netstat -bvan does not work for me. Netstat -van does however, so maybethere is no -b switch on XP Pro? The method I was talking about you take thePID from netstat and run it against task, and it tells you the applicationfor that particular PID.

I would love to learn a new way of how to do this though :)



Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com

From: jwichman () new rr com
Reply-To: jwichman () new rr com
To: Hamish Stanaway <koremeltdown () hotmail com>
CC: juanbabi () yahoo com, security-basics () securityfocus com
Subject: Re: RE: a tool like nestat
Date: Sun, 05 Sep 2004 03:26:41 -0500
MIME-Version: 1.0

Received: from outgoing3.securityfocus.com ([205.206.231.27]) bymc4-f18.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Thu, 9 Sep 200400:20:10 -0700Received: from lists.securityfocus.com (lists.securityfocus.com[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPidDF5682396F6; Tue, 7 Sep 2004 11:05:16 -0600 (MDT)

Received: (qmail 29899 invoked from network); 5 Sep 2004 02:06:53 -0000
X-Message-Info: JGTYoYF78jFA/WoKFoslzZt1x97yDnKd
Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:security-basics () securityfocus com>
List-Help: <mailto:security-basics-help () securityfocus com>
List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
Delivered-To: mailing list security-basics () securityfocus com
Delivered-To: moderator for security-basics () securityfocus com
Message-id: <126418c1264ce4.1264ce4126418c () rdc-kc rr com>
X-Mailer: iPlanet Messenger Express 5.2 HotFix 1.21 (built Sep  8 2003)
Content-language: en
X-Accept-Language: en
Priority: normal
X-Virus-Scanned: Symantec AntiVirus Scan Engine

Return-Path:security-basics-return-29892-koremeltdown=hotmail.com () securityfocus comX-OriginalArrivalTime: 09 Sep 2004 07:20:10.0670 (UTC)FILETIME=[71076CE0:01C4963D]


I believe you're looking for netstat -bvan

netstat /? will give more information.... that is if you're using a XP box.Otherwise I normally use a program from systernals.com to get thedetails... can't think of the program name off the top of my head though.




----- Original Message -----
From: Hamish Stanaway <koremeltdown () hotmail com>
Date: Wednesday, September 1, 2004 4:29 am
Subject: RE: a tool like nestat

> Hi there Juan,
>
> What version of windows are you using (I presume you are using
> windows as
> you refer to netstat)?
> It is possible to track what application is using what port using
> the
> process number, all doable via a standard XP box in DOS.
> If you are more interested, let me know and I will find the thread
> (which
> admittedly is around a year old now) which refers to how to do this.
>
>
> Kindest of regards,
>
> Hamish Stanaway, CEO
>
> Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
> Auckland, New Zealand
>
> http://www.webhosting.net.nz
> http://www.buywebhosting.co.nz
> http://www.koreworks.com
>
>
>
>
>
> >From: Juan B <juanbabi () yahoo com>
> >To: security-basics () securityfocus com
> >Subject: a tool like nestat
> >Date: Mon, 30 Aug 2004 10:10:02 -0700 (PDT)
> >MIME-Version: 1.0
> >Received: from outgoing3.securityfocus.com ([205.206.231.27]) by
> >mc1-f10.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Wed, 1
> Sep 2004
> >01:47:39 -0700
> >Received: from lists.securityfocus.com (lists.securityfocus.com
> >[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with
> QMQPid
> >E09E9273E4E; Tue, 31 Aug 2004 15:56:30 -0600 (MDT)
> >Received: (qmail 8655 invoked from network); 30 Aug 2004 14:35:57
> -0000
> >X-Message-Info: 6sSXyD95QpU39lmjQMBSF8QY3/fWlJmM
> >Mailing-List: contact security-basics-help () securityfocus com; run
> by ezmlm
> >Precedence: bulk
> >List-Id: <security-basics.list-id.securityfocus.com>
> >List-Post: <security-basics () securityfocus com>
> >List-Help: <security-basics-help () securityfocus com>
> >List-Unsubscribe: <security-basics-unsubscribe () securityfocus com>
> >List-Subscribe: <security-basics-subscribe () securityfocus com>
> >Delivered-To: mailing list security-basics () securityfocus com
> >Delivered-To: moderator for security-basics () securityfocus com
> >Message-ID: <20040830171002.79558.qmail () web40807 mail yahoo com>
> >Return-Path:
> >security-basics-return-29831-
> koremeltdown=hotmail.com () securityfocus com>X-OriginalArrivalTime:
> 01 Sep 2004 08:47:40.0644 (UTC)
> >FILETIME=[56F3E240:01C49000]
> >
> >Hi,
> >
> >I know there is a tool more sofisticated than netstat
> >
> >that can even show me which file is listening to
> >connections and stuff like that.
> >
> >do u know about such tool ?
> >
> >thanks
> >
> >
> >
> >__________________________________
> >Do you Yahoo!?
> >New and Improved Yahoo! Mail - Send 10MB messages!
> >http://promotions.yahoo.com/new_mail
> >
> >------------------------------------------------------------------
> ---------
> >Computer Forensics Training at the InfoSec Institute. All of our
> class
> >sizes
> >are guaranteed to be 12 students or less to facilitate one-on-one
> >interaction with one of our expert instructors. Gain the in-
> demand skills
> >of
> >a certified computer examiner, learn to recover trace data left
> behind by
> >fraud, theft, and cybercrime perpetrators. Discover the source of
> computer>crime and abuse so that it never happens again.
> >

>>http://www.infosecinstitute.com/courses/computer_forensics_training.html

> >------------------------------------------------------------------
> ----------
> >
>
> _________________________________________________________________
> Is your PC infected? Get a FREE online computer virus scan from
> McAfee®
> Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
>
>
> -------------------------------------------------------------------
> --------
> Computer Forensics Training at the InfoSec Institute. All of our
> class sizes
> are guaranteed to be 12 students or less to facilitate one-on-one
> interaction with one of our expert instructors. Gain the in-demand
> skills of
> a certified computer examiner, learn to recover trace data left
> behind by
> fraud, theft, and cybercrime perpetrators. Discover the source of
> computercrime and abuse so that it never happens again.
>
> http://www.infosecinstitute.com/courses/computer_forensics_training.html
> -------------------------------------------------------------------
> ---------
>
>


---------------------------------------------------------------------------

Computer Forensics Training at the InfoSec Institute. All of our classsizes

are guaranteed to be 12 students or less to facilitate one-on-one

interaction with one of our expert instructors. Gain the in-demand skillsof

a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------


_________________________________________________________________

FREE pop-up blocking with the new MSN Toolbar get it now!http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/



---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

Current thread:

RE: a tool like nestat, (continued)
- RE: a tool like nestat Ivan Pascual Cortes del Valle (Sep 02)
- Re: a tool like nestat Grant . Orchard (Sep 02)
- Re: a tool like nestat Dead Sector (Sep 07)
- Re: a tool like nestat Morgan Reed (Sep 08)
- Re: a tool like nestat George Peek (Sep 02)
- RE: a tool like nestat Edgar Zapata (Sep 02)
- RE: a tool like nestat Tran, Nhon (Sep 02)
- RE: a tool like nestat Hamish Stanaway (Sep 04)
- RE: a tool like nestat Teo Gomez (Sep 08)
- Re: RE: a tool like nestat jwichman (Sep 08)
- Re: RE: a tool like nestat Hamish Stanaway (Sep 09)
- Re: RE: a tool like nestat ttate (Sep 10)
- RE: RE: a tool like nestat Bénoni MARTIN (Sep 11)