O'Reilly logo

Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Scanning the Victim System

Another way of determining which ports are open on a victim system is to perform an external port scan of the system. By scanning the box, any ports that are open should respond to connection requests and be detected by a port scanner. You can compare these results to the output of live-analysis tools such as netstat to corroborate their results or draw attention to open ports that were masked by kernel-level rootkits.

Scanning a system is a relatively simple task that can be accomplished using freely available tools. One such tool is Nmap, a free security scanner for network exploration and hacking that is available for download from www.nmap.org. This tool can perform a variety of scan types against a specified range ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required