Security Basics mailing list archives
Re: What is best way to log all traffic on a windows box?
From: "Nagareshwar Talekar" <tnagareshwar () gmail com>
Date: Tue, 15 Aug 2006 13:16:21 +0530
You can use windump (Windows port of the popular tool tcpdump). You can set up the BPF filtering rules and monitor only the required traffic.

http://www.winpcap.org/windump/install/

If you want to monitor more than one machine on your network, then install snort on the network and set up the rules for it. It's an excellent and simple way to catch these problems. Moreover, it's free... look here for more details:

www.snort.org

On 8/14/06, Diarmaid McManus <diarmaidmcmanus () gmail com> wrote:

Kirvam,

To log _all_ traffic, I'd advise Wireshark (formerly Ethereal). You can filter packets by IP, source/destination ports, etc.

www.wireshark.org

~Diarmaid.

On 11/08/06, kirvam () verizon net <kirvam () verizon net> wrote:
> Hi You'all,
>
> I would like to log traffic on a user's XP box because I suspect a
> re-occurring worm is opening a back door. Is there any consensus on which
> tool is best for this?
>
> All help is appreciated.
>
> Thanks!
>
> -kirvam
>
> --------------------------------------------------------------------
> mail2web - Check your email from the web at
> http://mail2web.com/ .
>
> ---------------------------------------------------------------------------
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The NSA has designated Norwich University a center of Academic Excellence
> in Information Security. Our program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Using interactive e-Learning technology, you can earn this esteemed degree,
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------
--
With Regards
Nagareshwar
Current thread:
- What is best way to log all traffic on a windows box? kirvam () verizon net (Aug 14)
- Re: What is best way to log all traffic on a windows box? List Spam (Aug 14)
- Re: What is best way to log all traffic on a windows box? Diarmaid McManus (Aug 14)
- Re: What is best way to log all traffic on a windows box? Nagareshwar Talekar (Aug 15)
- Re: What is best way to log all traffic on a windows box? Ivan . (Aug 15)