Presentation is loading. Please wait.

Presentation is loading. Please wait.

Active Ports 1.4 ZoneLog. Active Ports Overview What it does Where to get it Why use it How to use it Screen Shots Observations Lessons Learned.

Published byVernon Adams Modified over 9 years ago

Similar presentations

Presentation on theme: "Active Ports 1.4 ZoneLog. Active Ports Overview What it does Where to get it Why use it How to use it Screen Shots Observations Lessons Learned."— Presentation transcript:

1 Active Ports 1.4 ZoneLog

2 Active Ports Overview What it does Where to get it Why use it How to use it Screen Shots Observations Lessons Learned

3 What Active Ports Does Monitor TCP/UDP activity Maps processes to specific ports Easy to kill processes

4 Where to get it http://www.ntutility.com/freeware.h tml http://www.ntutility.com/freeware.h tml http://www.download.com

5 Why use it Live analysis Monitor what systems access the Internet Detect Trojans and other malware

6 How To Use It Setup and Go

7

8

9

10

11

12 Observations Simple and easy to use Not very robust Little documentation Doesn’t always find the remote IP

13 Lessons Learned Simple tool for live analysis Must know what should be open

14 ZoneLog

15 ZoneLog Overview What it does Where to get it Why use it How to use it Screen Shots Observations Lessons Learned

16 Where to get it http://zonelog.co.uk/

17 Why use it Zone Alarm does not have a good log viewer Get a lot more info than Zone Alarm offers

18 What it does Incident Response Helps interpret Zone Alarm log file Gives information on data being blocked

19 How to use it Download VB6 runtime files Download application Find ZAlog.txt C:\WINDOWS\Internet Logs

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37 Observations Not all data about attack is true Not all features are useful Activity graph Good documentation

38 Lessons Learned Lots of harmless traffic Big improvement over ZA log viewer

Download ppt "Active Ports 1.4 ZoneLog. Active Ports Overview What it does Where to get it Why use it How to use it Screen Shots Observations Lessons Learned."

Similar presentations

VirtualSim Inc. Real tools for virtual worlds Presentation.

VirtualSim Inc. Real tools for virtual worlds Presentation.
| | We make life more comfortable 1 TCP/IP Web HVAC Network Controller & Viewer.

| | We make life more comfortable 1 TCP/IP Web HVAC Network Controller & Viewer.
AB Tutor Control PC Remote Access Software. - Key Features

AB Tutor Control PC Remote Access Software. - Key Features
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Snort & ACID. UTSA IS 6973 Computer Forensics SNORT.

Snort & ACID. UTSA IS 6973 Computer Forensics SNORT.
Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.

Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.
FireClass FC501. What’s FC501 ? An entry level Triple Circuit Single Loop addressable system featuring Intelli-Zone mapping An “out of the box” panel.

FireClass FC501. What’s FC501 ? An entry level Triple Circuit Single Loop addressable system featuring Intelli-Zone mapping An “out of the box” panel.
Trojan Horse Program Presented by : Lori Agrawal.

Trojan Horse Program Presented by : Lori Agrawal.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
1 實驗五:媒介存取協定模擬 教師: 助教:. 2 Outline  Background  Transmission Protocols  ALOHA  CSMA/CD  CSMA/CA  Network Devices  Hub  Switch  Access Point (AP)

1 實驗五:媒介存取協定模擬 教師: 助教:. 2 Outline  Background  Transmission Protocols  ALOHA  CSMA/CD  CSMA/CA  Network Devices  Hub  Switch  Access Point (AP)
Introduction to the Internet How did the Internet start? Why was the Internet developed? How does Internet handle the traffic? Why WWW changed the Internet.

Introduction to the Internet How did the Internet start? Why was the Internet developed? How does Internet handle the traffic? Why WWW changed the Internet.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.

Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Your solution to unsupervised practice, assessment, accountability.

Your solution to unsupervised practice, assessment, accountability.
Remote Surveillance System Presented by: Robarin Holdings Limited Telephone: +44-870-729-7837 Facsimile: +44-870-922-3-222 -

Remote Surveillance System Presented by: Robarin Holdings Limited Telephone: Facsimile:
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
Defeating Large Scale Attacks: Technology and Strategies for Global Network Monitoring The NetViewer Experiment PAVG in collaboration with Networking Systems.

Defeating Large Scale Attacks: Technology and Strategies for Global Network Monitoring The NetViewer Experiment PAVG in collaboration with Networking Systems.
PROJECT IN COMPUTER SECURITY MONITORING BOTNETS FROM WITHIN FINAL PRESENTATION – SPRING 2012 Students: Shir Degani, Yuval Degani Supervisor: Amichai Shulman.

PROJECT IN COMPUTER SECURITY MONITORING BOTNETS FROM WITHIN FINAL PRESENTATION – SPRING 2012 Students: Shir Degani, Yuval Degani Supervisor: Amichai Shulman.
Wireshark Presented By: Hiral Chhaya, Anvita Priyam.

Wireshark Presented By: Hiral Chhaya, Anvita Priyam.
China Science & Technology Network Computer Emergency Response Team Botnet Detection and Network Security Alert Tao JING CSTCERT,CNIC.

China Science & Technology Network Computer Emergency Response Team Botnet Detection and Network Security Alert Tao JING CSTCERT,CNIC.
IDS Mike O’Connor Eric Tallman Matt Yasiejko. Overview IDS defined IDS defined What it does What it does Sample logs Sample logs Why we need it Why we.

IDS Mike O’Connor Eric Tallman Matt Yasiejko. Overview IDS defined IDS defined What it does What it does Sample logs Sample logs Why we need it Why we.

Similar presentations

Ads by Google