Home page logo
/

basics logo Security Basics mailing list archives

Re: Server Compromised ?
From: Daniel Gil <Daniel.Gil () itcon com ar>
Date: Fri, 27 Jan 2006 18:50:27 -0300


Thank everybody for help.

Iam gonna give a look to tools like TCPView AND fport.

I have found an interesting doc at:
http://www.ucl.ac.uk/cert/win_intrusion.pdf

Iam shut down service by service doing an portscan between shutdowns to see
if some of my known services in opening more ports that the ones it should
do.

Thanks everybody !


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]