Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Unknown App

from [Sharad Birmiwal] Network Security [Permanent Link]
Subject: Re: Unknown App
Date: Fri, 22 Jul 2005 15:00:48 +0530 
i recently discovered some worm on my network that tried to spread a
payload file 'xxxxxxxx' by binding on port 80. it didn't serve a
banner or any webpages, but http://<ip>/xxxxxxxx worked.

sharad birmiwal

On 7/21/05, Scott Fuhriman <fuhrimans@llix.net> wrote:


The easiest and fastest approach is to use a port mapping utility like
Active Ports
(http://www.ntutility.com) or TCPview (www.sysinternals.com) (there are
others like fport, etc...) which will allow you to see what process has port
80 open on the machines.

This will allow you to identify what application/process is utilizing that
port.



Scott Fuhriman
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [PTsecurity] MaxPatrol Network Security Scanner - Free unlimited version has been released., Alexander Anisimov
Next by Date:  RE: verify HTTPS 'vulnerabilities', Carl
Previous by Thread:  Unknown App, Scott Fuhriman
Next by Thread:  Unknown App, Scott Fuhriman
Indexes:  [Date] [Thread] [Top] [All Lists]