RE: a tool like nestat

From: Teo Gomez (tgomez_at_ubiquitelpcs.com)
Date: 09/07/04

Next message: UNKNOWN_AT_HP_at_hp.com: "Security (maybe basic) question"

Previous message: linux user: "discovering a service behind a nated network"
Maybe in reply to: Juan B: "a tool like nestat"
Next in thread: jwichman_at_new.rr.com: "Re: RE: a tool like nestat"
Maybe reply: jwichman_at_new.rr.com: "Re: RE: a tool like nestat"
Maybe reply: Hamish Stanaway: "Re: RE: a tool like nestat"
Maybe reply: ttate_at_ctscorp.com: "Re: RE: a tool like nestat"
Maybe reply: Bénoni MARTIN: "RE: RE: a tool like nestat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 7 Sep 2004 13:33:09 -0400
To: "Hamish Stanaway" <koremeltdown@hotmail.com>, <juanbabi@yahoo.com>, <security-basics@securityfocus.com>

Windows has a tool that is more robust than netstat, it's called Port
Reporter - PortRptr.

See:
http://www.microsoft.com/downloads/details.aspx?FamilyID=69ba779b-bae9-4
243-b9d6-63e62b4bcd2e&displaylang=en

Thanks,

Teo

-----Original Message-----
From: Hamish Stanaway [mailto:koremeltdown@hotmail.com]
Sent: Wednesday, September 01, 2004 5:30 AM
To: juanbabi@yahoo.com; security-basics@securityfocus.com
Subject: RE: a tool like nestat

Hi there Juan,

What version of windows are you using (I presume you are using windows
as
you refer to netstat)?
It is possible to track what application is using what port using the
process number, all doable via a standard XP box in DOS.
If you are more interested, let me know and I will find the thread
(which
admittedly is around a year old now) which refers to how to do this.

Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com

>From: Juan B <juanbabi@yahoo.com>
>To: security-basics@securityfocus.com
>Subject: a tool like nestat
>Date: Mon, 30 Aug 2004 10:10:02 -0700 (PDT)
>MIME-Version: 1.0
>Received: from outgoing3.securityfocus.com ([205.206.231.27]) by
>mc1-f10.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Wed, 1 Sep
2004
>01:47:39 -0700
>Received: from lists.securityfocus.com (lists.securityfocus.com
>[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid
>E09E9273E4E; Tue, 31 Aug 2004 15:56:30 -0600 (MDT)
>Received: (qmail 8655 invoked from network); 30 Aug 2004 14:35:57 -0000
>X-Message-Info: 6sSXyD95QpU39lmjQMBSF8QY3/fWlJmM
>Mailing-List: contact security-basics-help@securityfocus.com; run by
ezmlm
>Precedence: bulk
>List-Id: <security-basics.list-id.securityfocus.com>
>List-Post: <mailto:security-basics@securityfocus.com>
>List-Help: <mailto:security-basics-help@securityfocus.com>
>List-Unsubscribe:
<mailto:security-basics-unsubscribe@securityfocus.com>
>List-Subscribe: <mailto:security-basics-subscribe@securityfocus.com>
>Delivered-To: mailing list security-basics@securityfocus.com
>Delivered-To: moderator for security-basics@securityfocus.com
>Message-ID: <20040830171002.79558.qmail@web40807.mail.yahoo.com>
>Return-Path:
>security-basics-return-29831-koremeltdown=hotmail.com@securityfocus.com
>X-OriginalArrivalTime: 01 Sep 2004 08:47:40.0644 (UTC)
>FILETIME=[56F3E240:01C49000]
>
>Hi,
>
>I know there is a tool more sofisticated than netstat
>
>that can even show me which file is listening to
>connections and stuff like that.
>
>do u know about such tool ?
>
>thanks
>
>
>
>__________________________________
>Do you Yahoo!?
>New and Improved Yahoo! Mail - Send 10MB messages!
>http://promotions.yahoo.com/new_mail
>
>-----------------------------------------------------------------------

----
>Computer Forensics Training at the InfoSec Institute. All of our class 
>sizes
>are guaranteed to be 12 students or less to facilitate one-on-one
>interaction with one of our expert instructors. Gain the in-demand
skills 
>of
>a certified computer examiner, learn to recover trace data left behind
by
>fraud, theft, and cybercrime perpetrators. Discover the source of
computer
>crime and abuse so that it never happens again.
>
>http://www.infosecinstitute.com/courses/computer_forensics_training.htm
l
>-----------------------------------------------------------------------
-----
>
_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from
McAfee(r) 
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
------------------------------------------------------------------------
---
Computer Forensics Training at the InfoSec Institute. All of our class
sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand
skills of
a certified computer examiner, learn to recover trace data left behind
by
fraud, theft, and cybercrime perpetrators. Discover the source of
computer
crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
----
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

Next message: UNKNOWN_AT_HP_at_hp.com: "Security (maybe basic) question"

Previous message: linux user: "discovering a service behind a nated network"
Maybe in reply to: Juan B: "a tool like nestat"
Next in thread: jwichman_at_new.rr.com: "Re: RE: a tool like nestat"
Maybe reply: jwichman_at_new.rr.com: "Re: RE: a tool like nestat"
Maybe reply: Hamish Stanaway: "Re: RE: a tool like nestat"
Maybe reply: ttate_at_ctscorp.com: "Re: RE: a tool like nestat"
Maybe reply: Bénoni MARTIN: "RE: RE: a tool like nestat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Does anyone know what this is?
... When I did Netstat, I saw four established connections from my computer to ... Windows XP Home Edition from the disks Dell sent with the computer. ... to find out what process is listening on that port. ...
(microsoft.public.dotnet.general)
Re: port 14909
... pstools with the pslist command from www.sysinternals.com, ... remember having problems running these on Windows XP. ... I think you may be able to use the NETSTAT command under XP to get this ... > Do you know if Microsoft opens this port by default for Software ...
(microsoft.public.inetserver.iis.security)
RE: Hidden windows ports, files and services.
... found two processes running listening on port 21. ... complete port scan on the system to see what else is happening try NMAP ... Run "netstat -baon". ... No telnet service was found in Windows service list. ...
(Security-Basics)
Map port to process
... Is there a way in python to figure out which process is running on ... which port? ... I know in Windows XP you can run "netstat -o" and see the ... tied to windows particularly, hopefully something in python. ...
(comp.lang.python)
Re: keeping ports open
... If a port is open, it means that 1) a software or service is running on your ... and 2) you're not using a firewall or your firewall isn't ... Use firewall software and hardware and antivirus software that is ... Follow the instructions for hardening Windows and IIS at ...
(microsoft.public.security)