Forensics tools are usually for after-the-fact evidence recovery, but I can't offer a solid textbook def'n... I know what you mean though! Does netstat on cygwin help? (Even though you've figured it out now) I'd try but hot damn I haven't had a good reason to boot into winders for a while (( =
ciao
Ben

PS - I'm guessing netstat might have limited info on non-cygwin binaries that are running; although maybe if you start them from within cygwin? No, that shouldn't change anything, right(?), they just get handed off to the winders kernel anyway...

On Fri, 22 Aug 2003 12:04:06 -0700 Cory Petkovsek <[EMAIL PROTECTED]> wrote:
|.....
| Can anyone recommend some win32 forensics tools that will show me
| which process is sending network traffic? It's running the latest
| version of norton av. I also manually checked for sobig and blaster,
| which it does not have according to symantec's research docs.

_______________________________________________
EuG-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
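The question in the thread is which process owns the outbound traffic. On Windows XP and later, netstat's `-o` switch adds the owning PID to each socket line, and `tasklist` maps PIDs to image names; joining the two is the usual first triage step before reaching for a dedicated forensics tool. The script below is an added example, not code from the thread or from any tool mentioned in it: it parses captured `netstat -ano` and `tasklist /fo csv` output (the sample text is constructed, not from a real host; the image names and PIDs are made up) and reports every process that has a connection to a peer outside the local machine, skipping listeners and loopback traffic so only candidates for "who is sending" remain.

```python
"""Join `netstat -ano` to `tasklist /fo csv` to find processes with outbound peers.

Added example for triage on a Windows host: it parses captured command output
rather than running the commands, so it runs offline on any platform.
The sample captures below are constructed and do not describe a real system.
"""
import csv
import io
from collections import defaultdict

# Constructed sample of `netstat -ano` output (PID column comes from the -o switch).
NETSTAT_SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       940
  TCP    192.168.1.10:1054      192.0.2.44:25          ESTABLISHED     1836
  TCP    192.168.1.10:1055      192.0.2.44:25          SYN_SENT        1836
  TCP    127.0.0.1:1025         127.0.0.1:1026         ESTABLISHED     1400
  UDP    0.0.0.0:445            *:*                                    4
"""

# Constructed sample of `tasklist /fo csv` output; "unknowntool.exe" is a placeholder name.
TASKLIST_SAMPLE = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"System","4","Console","0","216 K"
"svchost.exe","940","Console","0","4,112 K"
"notepad.exe","1400","Console","0","2,980 K"
"unknowntool.exe","1836","Console","0","1,640 K"
'''


def parse_netstat(text):
    """Return one dict per socket line of `netstat -ano` output.

    TCP lines carry five columns (proto, local, foreign, state, pid); UDP lines
    have no state column and carry four. Anything else is skipped, not guessed at.
    """
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0] not in ("TCP", "UDP"):
            continue
        if parts[0] == "TCP" and len(parts) == 5:
            proto, local, foreign, state, pid = parts
        elif parts[0] == "UDP" and len(parts) == 4:
            proto, local, foreign, pid = parts
            state = ""
        else:
            continue
        conns.append({"proto": proto, "local": local, "foreign": foreign,
                      "state": state, "pid": int(pid)})
    return conns


def parse_tasklist(text):
    """Return {pid: image name} from `tasklist /fo csv` output."""
    reader = csv.DictReader(io.StringIO(text))
    return {int(row["PID"]): row["Image Name"] for row in reader}


def is_local_peer(addr):
    """True for wildcard, loopback or unconnected peers, which carry no traffic off the host."""
    host = addr.rsplit(":", 1)[0]          # strip the port; IPv6 peers keep their brackets
    return host in ("0.0.0.0", "127.0.0.1", "*", "[::]", "[::1]")


def processes_talking_out(netstat_text, tasklist_text):
    """Map each PID with a non-local peer to (image name, sorted list of peers).

    Listening sockets and loopback connections are dropped so the result is only
    the processes that could actually be sending traffic off the machine.
    """
    names = parse_tasklist(tasklist_text)
    peers_by_pid = defaultdict(set)
    for c in parse_netstat(netstat_text):
        if c["proto"] == "TCP" and c["state"] == "LISTENING":
            continue
        if is_local_peer(c["foreign"]):
            continue
        peers_by_pid[c["pid"]].add(c["foreign"])
    return {pid: (names.get(pid, "<pid not in tasklist>"), sorted(peers))
            for pid, peers in peers_by_pid.items()}


if __name__ == "__main__":
    for pid, (image, peers) in processes_talking_out(NETSTAT_SAMPLE, TASKLIST_SAMPLE).items():
        print(f"PID {pid:>5}  {image:<20} -> {', '.join(peers)}")
```

On a live host the two captures would come from `netstat -ano > net.txt` and `tasklist /fo csv > tasks.txt` taken within seconds of each other, since a PID that exits between the two commands shows up as "pid not in tasklist" and is itself worth a second look. The loopback filter is deliberate: a process talking only to 127.0.0.1 is not the one pushing packets onto the wire, even if it is chatty.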
