Security Basics mailing list archives

Re: RE: Any tools to log the traffic/process information on Windows startup?


From: "Kelly Keeton" <kellyrkeeton () gmail com>
Date: Thu, 22 May 2008 09:33:12 -0700

OK, I can agree with the OP's requirements. As far as the last question, to force
it to load before anything else you would need to load it as a driver to
get in at the kernel level.

Anything that is loaded via the registry or win.ini startup could have
something load before it, with a good rootkit in the case of a virus.

IMO you would need to run Wireshark in tandem with a PID/port
watcher, or use the Microsoft product in the prior email; I assume that is a
driver-loaded application.

On Thu, May 22, 2008 at 12:02 AM, Michael Painter <tvhawaii () shaka com> wrote:

----- Original Message -----
From: "Kelly Keeton" <kellyrkeeton () gmail com>
To: <security-basics () securityfocus com>
Sent: Wednesday, May 21, 2008 12:54 PM
Subject: Re: RE: Any tools to log the traffic/process information on Windows
startup?


That tool looks horrible; who would pay for this function?!?! No
offense, but that looks like a VB6 app from hell.

Why not use free things like sysinternals.com or NirSoft tools? They
do the EXACT SAME THING for free and are not coded in VB6.

When I need a tool to scan ports I don't want it also "synching time".

On Wed, May 21, 2008 at 2:03 PM,  <gpickett71 () yahoo com> wrote:

A good tool is AW Ports Traffic Analyzer.  You can check it out at
http://www.atelierweb.com/pta/.  It has a demonstration mode that is fully
functioning but logs only 3MB worth of data.  The full version, which is
pretty cheap, will log up to 500MB.


I don't see the EXACT SAME THING at all.
I took some time and re-sized the windows/partitions/columns (which it
remembers!), and this tool is actually pretty nice.
The 3MB buffer of the free edition could be enough to do what the OP
wanted...log the startups.

>> When I need a tool to scan ports I don't want it also "synching time" <<

What, exactly, do you mean by this?

My question is how do you make sure it runs before anything else is started?
Put it in the Startup folder? Registry? Win.ini?

Thanks,

--Michael
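An added example from the editor, not code from any poster in this thread or from any tool named in it. It does roughly what Kelly suggests (a PID/port watcher started at boot, run alongside a packet capture) and illustrates Michael's question about where to start it. It assumes Windows 8 / Server 2012 or later (the NetTCPIP and ScheduledTasks modules and `netsh trace`), an elevated PowerShell session, and that the script is saved to a file so the scheduled task can call it back; the log directory, task name and file names are assumptions chosen for the example.

```powershell
# Added example (not from the thread): log which process owns which port in the
# first minutes after boot, plus a persistent packet capture that starts at boot.
# Assumes Windows 8 / Server 2012+ and an elevated session. LogDir, task name and
# file names are assumptions.
param(
    [ValidateSet('Install', 'Run', 'Stop')] [string]$Mode = 'Install',
    [string]$LogDir = 'C:\BootNetLog',   # assumption: where logs are written
    [int]$Seconds = 120,                 # how long after the task starts to keep sampling
    [int]$IntervalMs = 500
)
$TaskName = 'BootNetLog'                  # assumption: scheduled task name

function Get-EndpointSnapshot {
    # One snapshot of TCP connections and UDP listeners joined to the owning
    # process. OwningProcess is a PID; the process may already be gone, so the
    # name falls back to '<exited>' instead of silently dropping the row.
    $procs = @{}
    Get-Process | ForEach-Object { $procs[$_.Id] = $_ }
    $now = Get-Date -Format o
    $rows = @(foreach ($c in Get-NetTCPConnection) {
        $p = $procs[[int]$c.OwningProcess]
        $name = if ($p) { $p.ProcessName } else { '<exited>' }
        $path = if ($p) { $p.Path } else { '' }
        [pscustomobject]@{
            Time = $now; Proto = 'TCP'; State = "$($c.State)"
            Local = "$($c.LocalAddress):$($c.LocalPort)"
            Remote = "$($c.RemoteAddress):$($c.RemotePort)"
            PID = $c.OwningProcess; Process = $name; Path = $path
        }
    })
    $rows += @(foreach ($u in Get-NetUDPEndpoint) {
        $p = $procs[[int]$u.OwningProcess]
        $name = if ($p) { $p.ProcessName } else { '<exited>' }
        $path = if ($p) { $p.Path } else { '' }
        [pscustomobject]@{
            Time = $now; Proto = 'UDP'; State = ''
            Local = "$($u.LocalAddress):$($u.LocalPort)"; Remote = ''
            PID = $u.OwningProcess; Process = $name; Path = $path
        }
    })
    $rows
}

function Start-BootLog {
    # Sample repeatedly and append only endpoint/process pairs not seen before,
    # so a two-minute window stays readable.
    New-Item -ItemType Directory -Force -Path $LogDir | Out-Null
    $csv    = Join-Path $LogDir ("boot-{0:yyyyMMdd-HHmmss}.csv" -f (Get-Date))
    $seen   = @{}
    $stopAt = (Get-Date).AddSeconds($Seconds)
    while ((Get-Date) -lt $stopAt) {
        foreach ($r in Get-EndpointSnapshot) {
            $key = "$($r.Proto)|$($r.Local)|$($r.Remote)|$($r.PID)|$($r.Process)"
            if (-not $seen.ContainsKey($key)) {
                $seen[$key] = $true
                $r | Export-Csv -Path $csv -NoTypeInformation -Append
            }
        }
        Start-Sleep -Milliseconds $IntervalMs
    }
}

function Install-BootLogTask {
    # Runs this script as SYSTEM at startup. Caveat (Kelly's point): the Task
    # Scheduler service starts well after the kernel, drivers and early services,
    # so anything that opens a socket before it is not seen by this sampler.
    $action = New-ScheduledTaskAction -Execute 'powershell.exe' `
        -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`" -Mode Run -LogDir `"$LogDir`" -Seconds $Seconds"
    $trigger   = New-ScheduledTaskTrigger -AtStartup
    $principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
    Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger -Principal $principal -Force | Out-Null

    # Packet side: a persistent netsh trace resumes across the reboot and is
    # captured by the built-in NDIS provider, so it covers boot traffic the
    # scheduled task misses. It runs until -Mode Stop is invoked.
    New-Item -ItemType Directory -Force -Path $LogDir | Out-Null
    $etl = Join-Path $LogDir 'boot.etl'
    netsh trace start capture=yes persistent=yes tracefile="$etl" maxsize=200 overwrite=yes
}

function Stop-BootLog {
    netsh trace stop
    Unregister-ScheduledTask -TaskName $TaskName -Confirm:$false
}

switch ($Mode) {
    'Install' { Install-BootLogTask }
    'Run'     { Start-BootLog }
    'Stop'    { Stop-BootLog }
}
```

Run it once with `-Mode Install`, reboot, then `-Mode Stop`. The CSV answers "which process owned which port, and when" for the sampled window; the `.etl` is not pcap, so convert it with Microsoft's etl2pcapng (or open it in Message Analyzer / Network Monitor) before reading it in Wireshark. The two outputs correlate by timestamp and port, which is the "Wireshark plus PID/port watcher" pairing Kelly describes. Neither one is loaded "before anything else": the sampler depends on the Task Scheduler service, and the trace depends on the NDIS capture provider, so a kernel-mode rootkit that loads earlier or filters below that level can still hide from both.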
