-
March 11th, 2015, 08:25 PM
#1
TCP Security
Hi Gurls/Guys
I am currently working on a Windows 8.1 System fully patched with Avast Anti-Virus. Now the question I have is relating to connections via the web
1. How do I understand the NETSTAT information such as connected addresses and ports are their any apps to aid quick diagnostics, like Hijackthis displays everything running in start up, with a easy to diagnose interface.
2. Why the would port 21 be showing closed (instead of stealth via GRC)
How can I improve the security of this laptop and in general, the laptop accesses the web via a router and which is firewalled.
Cheers
ZL
-
March 11th, 2015, 08:37 PM
#2
I've managed to find a open entry on the router's firewall setting a removed the ftp entry, why such a entry was there is worrying. I will keep a eye on this and perhaps change the security on the router i.e. admin credentials and monitor the situation.
Last edited by Zorolord; March 11th, 2015 at 08:41 PM.
-
March 11th, 2015, 08:43 PM
#3
Struggling to change the administrator's password on the router, I am concerned that someone has been changing something on there. I will try to factory reset the router and attempt to change it again :S
-
March 11th, 2015, 10:58 PM
#4
Reset the router. And reconfigure the passwords.
-
March 13th, 2015, 10:05 AM
#5
Hi Shay, I've done that however when I reset the factory reset the router the ftp entry was back, so again I removed it and I've change the administrator password on the router to prevent any further tampering.
Also the machine is infected with malware called hckpk-e (https://www.sophos.com/en-us/threat-...l~HckPk-E.aspx) apparently spyhunter is good at getting rid of this program, I will try all the programs you suggested first as it buries deep in the registry. The Sophos remover doesn't seem to work, maybe I should try it offline.
Would also be interesting to analyst connections from the machine on netstat, but I don't know if there is a quick solution to identify programs and ports used?
-
March 14th, 2015, 12:25 AM
#6
Netstat
http://www.computerhope.com/netstat.htm
you can combine
netstat -an is one I have used.
Off line:
Download Sophos Free Virus Removal Tool and save it to your desktop.
- Double click the icon and select Run
- Click Next
- Select I accept the terms in this license agreement, then click Next twice
- Click Install
- Click Finish to launch the program
- Once the virus database has been updated click Start Scanning
- If any threats are found click Details, then View log file... (bottom left hand corner)
- Close the Notepad document, close the Threat Details screen, then click Start cleanup
- Click Exit to close the program
-
April 1st, 2015, 09:47 AM
#7
Thanks for your advice again, I couldn't make sense of the NETSTAT information it's a lot clearer and easier seeing just the ip addresses rather then their DNS Addresses.
Thanks again
ZL
Similar Threads
-
By prodikal in forum *nix Security Discussions
Replies: 3
Last Post: November 7th, 2005, 08:07 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|