Active Ports 1.4 ZoneLog
Active Ports Overview
- What it does
- Where to get it
- Why use it
- How to use it
- Screen Shots
- Observations
- Lessons Learned
What Active Ports Does
- Monitor TCP/UDP activity
- Maps processes to specific ports
- Easy to kill processes
Where to get it
- http://www.ntutility.com/freeware.html
- http://www.download.com
Why use it
- Live analysis
- Monitor what systems access the Internet
- Detect Trojans and other malware
How To Use It
- Setup and Go
Observations
- Simple and easy to use
- Not very robust
- Little documentation
- Doesn’t always find the remote IP
Lessons Learned
- Simple tool for live analysis
- Must know what should be open
ZoneLog
ZoneLog Overview
- What it does
- Where to get it
- Why use it
- How to use it
- Screen Shots
- Observations
- Lessons Learned
Where to get it
- http://zonelog.co.uk/
Why use it
- Zone Alarm does not have a good log viewer
- Get a lot more info than Zone Alarm offers
What it does
- Incident Response
- Helps interpret Zone Alarm log file
- Gives information on data being blocked
How to use it
- Download VB6 runtime files
- Download application
- Find ZAlog.txt
- C:\WINDOWS\Internet Logs
Observations
- Not all data about attack is true
- Not all features are useful
- Activity graph
- Good documentation
Lessons Learned
- Lots of harmless traffic
- Big improvement over ZA log viewer