O'Reilly logo

Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5

Windows Ports and Services

A large part of conducting a network investigation is identifying items that are out of place. Just as an investigator at the scene of a burglary might look for items that have been moved, broken, or left behind by the burglar as potential evidence, so too must the network investigator survey the digital crime scene, looking for items that are out of place. For the burglary investigator, these items may include windows or doors that were left open or burglary tools that were left behind. When examining a computer that may have been involved in a crime, the concept remains the same; instead of examining open windows, we will examine open ports, and the tools we find left behind will be files or processes rather ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required