Thursday, October 29, 2009

Tracing Hackers

To trace hackers you need the following tools:
netstat
tracert [ip or hostname]

To find out the hacker's IP you can use the netstat command in the Windows cmd prompt.
netstat -an displays all incoming/outgoing connections in the form
[protocol - your ip:port - incoming ip:port - status]
netstat -a will display the same information, but not in numerical form.

Connections to ports higher than 49000 are very suspicious. Ports 1023-49000 are less suspicious but might be dangerous.

Before running the netstat command, it is suggested that you close all browsers, MSN and other applications that use the internet. This way the number of connections is smaller and malicious connections are more easily found.

Once you have found the suspicious IP that is connected to a high-numbered port, you can trace it by using tracert (trace route).
tracert 192.168.99.3 will list all machines that are between your computer and the target IP.

Usually this list contains the hacker's ISP.
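The netstat triage described above, as an added example that is not part of the original post: a Python script that parses `netstat -an` output and rates each connection by the post's port thresholds, leaving a short list of remote IPs to pass to tracert. The sample output is constructed, and applying the thresholds to the local port is an assumption about which side the post means.

```python
import re
from typing import NamedTuple

# Constructed sample of Windows `netstat -an` output (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:3389      198.51.100.23:51544    ESTABLISHED
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED
  TCP    192.168.1.10:80        192.0.2.44:60211       TIME_WAIT
  TCP    [::1]:49670            [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

class Conn(NamedTuple):
    proto: str
    local_port: int
    remote_ip: str
    state: str
    rating: str

# proto, local addr:port, foreign addr:port, optional state (UDP rows have none)
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+):(\S+)(?:\s+(\S+))?\s*$")

def rate_port(port: int) -> str:
    """The post's thresholds: above 49000, 1023-49000, everything else."""
    if port > 49000:
        return "very suspicious"
    if port >= 1023:
        return "less suspicious"
    return "not flagged"

def parse_netstat(text: str) -> list[Conn]:
    """Parse data rows, rating the local port (assumed to be the side the post means)."""
    conns = []
    for line in text.splitlines():
        m = ROW.match(line)  # header and blank lines do not match and are skipped
        if m:
            proto, _lip, lport, rip, _rport, state = m.groups()
            conns.append(Conn(proto, int(lport), rip.strip("[]"), state or "", rate_port(int(lport))))
    return conns

def triage(text: str) -> list[Conn]:
    """ESTABLISHED connections only, highest local port first, for tracert follow-up."""
    live = [c for c in parse_netstat(text) if c.state == "ESTABLISHED"]
    return sorted(live, key=lambda c: c.local_port, reverse=True)
```

In the sample, the top-rated row is an outbound HTTPS connection: Windows Vista and later assign client connections local ports from 49152 to 65535, so a high port number by itself also matches ordinary browser traffic. Check the owning process as well (netstat -ano adds the PID column) before tracing an address.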

If you need to get some more info about an e-mail address (that may have sent you some trojans), you can use the site http://samspade.org/

http://forums.techarena.in/guides-tutorials/443453.htm
