Subject: Re: Strange activity to a laptop?
From: Frank Knobbe (FKnobbeKNOBBEITS.COM)
Date: Fri Oct 06 2000 - 12:31:24 CDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original Message-----
> From: Johnson, Greg [mailto:JohnsonGMISSOURI.EDU]
> Sent: Friday, October 06, 2000 8:49 AM
>
> Ralph, I've found these useful for similar investigations.
>
> http://ntsecurity.nu/toolbox - Inzider in particular
>
> http://www.sysinternals.com - Handle, TCPView
>
> http://www.zdnet.com/downloads/stories/info/0,,000YKL,.html
> - Startup Cop reveals all levels of startup programs and
> lets you temporarily or permanently disable them.

I think you need to add TDIMon to the list of Sysinternals tools. That
goes deeper into the stack and is extremely handy in finding tasks
and their ports.

Regards,
Frank

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME encrypted email preferred.

iQA/AwUBOd4MbERKym0LjhFcEQJ6/wCfbeMTkBhOteiUs9q6k9MvcFJB7BMAn2Xv
aiZobe3DvhQ2Xki6UgcM4c6c
=XLzm
-----END PGP SIGNATURE-----