Results 1 to 7 of 7

Thread: TCP Security

  1. #1
    Senior Member Zorolord's Avatar
    Join Date
    Sep 2001
    Posts
    142

    TCP Security

    Hi Gurls/Guys

    I am currently working on a Windows 8.1 System fully patched with Avast Anti-Virus. Now the question I have is relating to connections via the web

    1. How do I understand the NETSTAT information such as connected addresses and ports are their any apps to aid quick diagnostics, like Hijackthis displays everything running in start up, with a easy to diagnose interface.

    2. Why the would port 21 be showing closed (instead of stealth via GRC)

    How can I improve the security of this laptop and in general, the laptop accesses the web via a router and which is firewalled.

    Cheers
    ZL

  2. #2
    Senior Member Zorolord's Avatar
    Join Date
    Sep 2001
    Posts
    142
    I've managed to find a open entry on the router's firewall setting a removed the ftp entry, why such a entry was there is worrying. I will keep a eye on this and perhaps change the security on the router i.e. admin credentials and monitor the situation.
    Last edited by Zorolord; March 11th, 2015 at 08:41 PM.

  3. #3
    Senior Member Zorolord's Avatar
    Join Date
    Sep 2001
    Posts
    142
    Struggling to change the administrator's password on the router, I am concerned that someone has been changing something on there. I will try to factory reset the router and attempt to change it again :S

  4. #4
    Friend of Site Staff
    Join Date
    May 2012
    Posts
    389
    Reset the router. And reconfigure the passwords.

  5. #5
    Senior Member Zorolord's Avatar
    Join Date
    Sep 2001
    Posts
    142
    Hi Shay, I've done that however when I reset the factory reset the router the ftp entry was back, so again I removed it and I've change the administrator password on the router to prevent any further tampering.

    Also the machine is infected with malware called hckpk-e (https://www.sophos.com/en-us/threat-...l~HckPk-E.aspx) apparently spyhunter is good at getting rid of this program, I will try all the programs you suggested first as it buries deep in the registry. The Sophos remover doesn't seem to work, maybe I should try it offline.

    Would also be interesting to analyst connections from the machine on netstat, but I don't know if there is a quick solution to identify programs and ports used?

  6. #6
    Friend of Site Staff
    Join Date
    May 2012
    Posts
    389
    Netstat
    http://www.computerhope.com/netstat.htm
    you can combine

    netstat -an is one I have used.

    Off line:

    Download Sophos Free Virus Removal Tool and save it to your desktop.

    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program

  7. #7
    Senior Member Zorolord's Avatar
    Join Date
    Sep 2001
    Posts
    142
    Thanks for your advice again, I couldn't make sense of the NETSTAT information it's a lot clearer and easier seeing just the ip addresses rather then their DNS Addresses.

    Thanks again
    ZL

Similar Threads

  1. Replies: 3
    Last Post: November 7th, 2005, 08:07 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •