Windows Forensics and Incident Recovery by Harlan Carvey

Third Dream

Andy found himself sitting at his desk again. This time, he had a sense that he'd already talked to Dave. As he thought about the situation for a moment, it occurred to him that he really didn't have a whole lot of information. Sure, he had the IP address of the system in question, and Dave had told him that the traffic that had been detected was TFTP and IRC. Andy knew that the network engineers identified network traffic by the ports that were used, particularly the destination ports. This meant that the outbound traffic was to UDP port 69 and to TCP port 6667, respectively. So he had the source IP address for the traffic (i.e., the system in question) as well as the destination ports. He decided that the best thing to do was to ...
