Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Technicians Log File And Protocol / Ports


  • Please log in to reply
No replies to this topic

#1 Jonas Blane

Jonas Blane

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 11 November 2007 - 05:44 AM

1. As a techicians what should I be looking for in the log file that would indicate a computer is infected?

Would it be the Network Time Protocol on port 123? I know that this allows the computers on the internet to synchonize their time with a centralize time server, however without time syschronization some security mechananisms doesn't function properly and it's important to for it to look though the log files for security and other problems.

2. What protocol and ports are use if for example if a "Korgo virus" has been detected?

Would it be the TCP protocol and ports 20, 21, 25, 80 and 443?

Jonas

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users