SuperFly07
asked on
Antivirus
How can you discover what port a viruses uses to infect a computer on a network. We have Symantec server. Can you supply me with a freeware to do forensic to help learn about what port a virus comes in on.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That will depend on what the virus is. Did Symantec already identify the virus?
ASKER
Yes it has but we are tying to locate the port and site from which it was downloaded.
Can you post the name or some description of the virus. Without knowing that it will be hard to know.
Otherwise you just have to review your open network ports, password policy, file creation dates and times, and network logs (e.g. ftp server, web server etc.) and hope to find something around the time of the infection. The time of infection can be deduced by looking at all files created by the virus and checking dates and times.
Otherwise you just have to review your open network ports, password policy, file creation dates and times, and network logs (e.g. ftp server, web server etc.) and hope to find something around the time of the infection. The time of infection can be deduced by looking at all files created by the virus and checking dates and times.
Hope you got some info on how the virus got in.
Thanks and good luck.
Thanks and good luck.
ASKER