fport is a creation of foundstone. For information on how to download it go to the tools to detect hacking page.
Download fport in your C:\ drive.
Here is a picture of what you might see if you had Malware and used fport to see it:
The reason fport is superior to netstat is that it not only shows the ports that the worm is attempting to access but also the protocol and the application or malware. Once you know the name of the process you can use Task Manager to shut if off. Some apps/malware run as a system process and can only be deleted in Safe Mode.
You will need to access the Command Prompt to use fport.
To get to the Command Prompt go to Start | Run | type "cmd"
The Command Prompt may automatically put you in your home directory. You'll need to be in the C:\ to use fport (actually, you'll need to be in whatever folder you downloaded fport in).
Once in the same folder as fport type "fport."
fport will list network connections and all the applications using them.
MORE ON FPORT:
FPort v1.33 - TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.
http://www.foundstone.com
Usage:
/p sort by port
/a sort by application
/i sort by pid
/ap sort by application path
0 comments:
Post a Comment