What is listening on which port? (Netstat, Task Manager, Tasklist)

How can I quickly find which program is listening, and where, or whether it is trying to connect?

The essential tools are:

netstat – displays all active and open connections, as well as those that are attempting to be established

Task Manager – displays all running processes

Tasklist – the same as Task Manager, from the command prompt

From a command prompt, run:

netstat -ano

[Screenshot: netstat]

The netstat switches:

a: shows all connections

n: does not resolve IPs and ports (1.)

o: adds a column showing the PID (Process IDentifier) of the process responsible for the connection (2.)

The next step is to open the familiar Task Manager (taskmgr.exe) and display the column with the PIDs.

Choose View -> Select Columns

[Screenshot: taskmgr]

Select PID.

[Screenshot: PID]

The PID now appears next to the column with the executable's name, and we can easily match it against the PID column in the output of netstat -ano.

But what happens when the process is none other than the familiar svchost (Host Process for Windows Services)? svchost often starts more than one service under the same PID, so we cannot be sure which of them we are talking about. This is where tasklist comes in.

From a command prompt, run tasklist /svc

[Screenshot: tasklist /svc]
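The matching described above, joining the PID column of netstat -ano to the service list from tasklist /svc, as an added Python example that is not part of the original post. The sample output is constructed, and the function names and browser.exe are assumptions made for illustration.

```python
import re

# Constructed sample output of `netstat -ano` and `tasklist /svc` (not from a real host).
NETSTAT_ANO = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1104
  TCP    [::]:135               [::]:0                 LISTENING       912
  TCP    192.168.1.10:49713     198.51.100.9:80        SYN_SENT        2380
  UDP    0.0.0.0:500            *:*                                    1104
"""
TASKLIST_SVC = """\
Image Name                     PID Services
========================= ======== ============================================
svchost.exe                    912 RpcEptMapper, RpcSs
svchost.exe                   1104 IKEEXT, TermService,
                                   SessionEnv
browser.exe                   2380 N/A
"""

def parse_netstat_ano(text):
    """Yield (proto, local_addr, local_port, state, pid) for each socket row."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP") or not f[-1].isdigit():
            continue  # banner, header or blank line
        addr, port = f[1].rsplit(":", 1)  # rsplit keeps IPv6 "[::]" intact
        state = f[3] if len(f) == 5 else ""  # UDP rows have no State column
        yield (f[0], addr, int(port), state, int(f[-1]))

def parse_tasklist_svc(text):
    """Return {pid: (image_name, [services])}, joining wrapped service lists."""
    procs, last = {}, None
    for line in text.splitlines():
        m = re.match(r"^(\S.*?)\s+(\d+)\s+(\S.*)$", line)
        if m:
            last = int(m.group(2))
            procs[last] = (m.group(1), [])
        elif not (line[:1].isspace() and last is not None):
            continue  # header, ruler or blank line
        names = m.group(3) if m else line  # no match: wrapped continuation line
        procs[last][1].extend(s.strip() for s in names.split(",") if s.strip() not in ("", "N/A"))
    return procs

def sockets_with_owner(netstat_text, tasklist_text, states=("LISTENING", "")):
    """Map (proto, local_port) -> (pid, image, services) for rows in `states`."""
    procs = parse_tasklist_svc(tasklist_text)
    owners = {}
    for proto, _addr, port, state, pid in parse_netstat_ano(netstat_text):
        if state in states:
            owners.setdefault((proto, port), (pid, *procs.get(pid, ("<unknown>", []))))
    return owners
```

Passing states=("SYN_SENT",) lists the connections the system is still trying to establish, with the owning process, instead of the listeners.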

Alternatively, on Windows Vista/2008 Task Manager can be used: right-clicking the process shows the “Go to Service(s)” option, and we can see which services the executable is responsible for.

Unfortunately the -o switch in netstat is not supported before Windows XP, so there the solution is Tcpview (sysinternals)

[Screenshot: tcpview]

netstat is quite a useful command, and with a little formatting we can quickly draw conclusions about the connections the system has or is trying to make. For example, the -b switch shows the executable behind each connection.

Also very important is the state column, which shows the state of the connection (listening, established, SYN_Sent, etc.). More on the netstat states in a later post.