In Linux, you’d simply type: shell>watch "netstat -ano |grep ':80'" Anyway, assuming it’s port 80 you are looking for: We could simply look for “TCP” connections and find which ports they are using. In reality though spyware can connect to any port, these are simply the most common. Port 80 is a web server, and most worms and malware connect via HTTP (a web server on port 80), or HTTPS (an encrypted webserver on port 443). This is a typical method of investigating for spyware infections… Lets say we wanted to loop over and over watching for port 80 connections (perhaps we are looking for a worm and trying to find out where it connects to, or we want to investigate all connections that our computer is making without our permission/knowledge). You’ll also learn how to run dos programs in a for loop …. This tutorial will tell you how to test if you are infected with worms, trojans and other types of malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |