Re: Spamming, 'hidden' mail server
From: Jérôme Tytgat (jerome.tytgat asterion.fr)
Date: Fri Oct 10 2003 - 10:02:11 CDT
When it comes to forensics on Wxx, I'm always using tools from Sysinternals.
- procexpl (Process Explorer) to find out what processes/DLLs are really running and the dependencies
- TCPView to find which process is listening on which port
- TDIMon is really useful as it tracks down the processes talking to the network and lists what they are doing.
There are some other tools that I find convenient too...
In fact I've downloaded all of them in a directory.
You don't need to install anything, they are self-running tools.
Jerome.
--
=================================
> Jérôme Tytgat
Network and Security Administrator
=== jerome.tytgat asterion.fr ===
=================================