Security Basics mailing list archives
RE: RE: a tool like nestat
From: Bénoni MARTIN <Benoni.MARTIN () libertis ga>
Date: Fri, 10 Sep 2004 09:25:51 +0100
Yep, -b is with XP Pro...but with the SP2, you are probably with SP1. However, SP2 does not seem reliable enough and many usual applications does not seem to work well with SP2 ... Visio from foundstone is quite a good tool, however it does not work under XP :(. I can advice you TCPView (from www.sysinternals.com I think), or PortReporter(PortRptr.exe from Micro$oft)... HTH ! -----Message d'origine----- De : Hamish Stanaway [mailto:koremeltdown () hotmail com] Envoyé : jeudi 9 septembre 2004 08:50 À : jwichman () new rr com Cc : juanbabi () yahoo com; security-basics () securityfocus com Objet : Re: RE: a tool like nestat Hi there, Netstat -bvan does not work for me. Netstat -van does however, so maybe there is no -b switch on XP Pro? The method I was talking about you take the PID from netstat and run it against task, and it tells you the application for that particular PID. I would love to learn a new way of how to do this though :) Kindest of regards, Hamish Stanaway, CEO Absolute Web Hosting / -= KoRe WoRkS =- Internet Security Auckland, New Zealand http://www.webhosting.net.nz http://www.buywebhosting.co.nz http://www.koreworks.com
From: jwichman () new rr com Reply-To: jwichman () new rr com To: Hamish Stanaway <koremeltdown () hotmail com> CC: juanbabi () yahoo com, security-basics () securityfocus com Subject: Re: RE: a tool like nestat Date: Sun, 05 Sep 2004 03:26:41 -0500 MIME-Version: 1.0 Received: from outgoing3.securityfocus.com ([205.206.231.27]) by mc4-f18.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Thu, 9 Sep 2004 00:20:10 -0700 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid DF5682396F6; Tue, 7 Sep 2004 11:05:16 -0600 (MDT) Received: (qmail 29899 invoked from network); 5 Sep 2004 02:06:53 -0000 X-Message-Info: JGTYoYF78jFA/WoKFoslzZt1x97yDnKd Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Message-id: <126418c1264ce4.1264ce4126418c () rdc-kc rr com> X-Mailer: iPlanet Messenger Express 5.2 HotFix 1.21 (built Sep 8 2003) Content-language: en X-Accept-Language: en Priority: normal X-Virus-Scanned: Symantec AntiVirus Scan Engine Return-Path: security-basics-return-29892-koremeltdown=hotmail.com () securityfocus com X-OriginalArrivalTime: 09 Sep 2004 07:20:10.0670 (UTC) FILETIME=[71076CE0:01C4963D] I believe you're looking for netstat -bvan netstat /? will give more information.... that is if you're using a XP box. Otherwise I normally use a program from systernals.com to get the details... can't think of the program name off the top of my head though. ----- Original Message ----- From: Hamish Stanaway <koremeltdown () hotmail com> Date: Wednesday, September 1, 2004 4:29 am Subject: RE: a tool like nestatHi there Juan, What version of windows are you using (I presume you are using windows as you refer to netstat)? It is possible to track what application is using what port using the process number, all doable via a standard XP box in DOS. If you are more interested, let me know and I will find the thread (which admittedly is around a year old now) which refers to how to do this. Kindest of regards, Hamish Stanaway, CEO Absolute Web Hosting / -= KoRe WoRkS =- Internet Security Auckland, New Zealand http://www.webhosting.net.nz http://www.buywebhosting.co.nz http://www.koreworks.comFrom: Juan B <juanbabi () yahoo com> To: security-basics () securityfocus com Subject: a tool like nestat Date: Mon, 30 Aug 2004 10:10:02 -0700 (PDT) MIME-Version: 1.0 Received: from outgoing3.securityfocus.com ([205.206.231.27]) by mc1-f10.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Wed, 1Sep 200401:47:39 -0700 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing3.securityfocus.com (Postfix) withQMQPidE09E9273E4E; Tue, 31 Aug 2004 15:56:30 -0600 (MDT) Received: (qmail 8655 invoked from network); 30 Aug 2004 14:35:57-0000X-Message-Info: 6sSXyD95QpU39lmjQMBSF8QY3/fWlJmM Mailing-List: contact security-basics-help () securityfocus com; runby ezmlmPrecedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <security-basics () securityfocus com> List-Help: <security-basics-help () securityfocus com> List-Unsubscribe: <security-basics-unsubscribe () securityfocus com> List-Subscribe: <security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Message-ID: <20040830171002.79558.qmail () web40807 mail yahoo com> Return-Path: security-basics-return-29831-koremeltdown=hotmail.com () securityfocus com>X-OriginalArrivalTime: 01 Sep 2004 08:47:40.0644 (UTC)FILETIME=[56F3E240:01C49000] Hi, I know there is a tool more sofisticated than netstat that can even show me which file is listening to connections and stuff like that. do u know about such tool ? thanks __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail ---------------------------------------------------------------------------Computer Forensics Training at the InfoSec Institute. All of ourclasssizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skillsof a certified computer examiner, learn to recover trace data leftbehind byfraud, theft, and cybercrime perpetrators. Discover the source ofcomputer>crime and abuse so that it never happens again.http://www.infosecinstitute.com/courses/computer_forensics_training.html----------------------------------------------------------------------------_________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 ------------------------------------------------------------------- -------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computercrime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------- ------------------------------------------------------------------------------------ Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
_________________________________________________________________ FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- Re: a tool like nestat, (continued)
- Re: a tool like nestat Dead Sector (Sep 07)
- Re: a tool like nestat Morgan Reed (Sep 08)
- Re: a tool like nestat George Peek (Sep 02)
- RE: a tool like nestat Edgar Zapata (Sep 02)
- RE: a tool like nestat Tran, Nhon (Sep 02)
- RE: a tool like nestat Hamish Stanaway (Sep 04)
- RE: a tool like nestat Teo Gomez (Sep 08)
- Re: RE: a tool like nestat jwichman (Sep 08)
- Re: RE: a tool like nestat Hamish Stanaway (Sep 09)
- Re: RE: a tool like nestat ttate (Sep 10)
- RE: RE: a tool like nestat Bénoni MARTIN (Sep 11)