tag:blogger.com,1999:blog-13777170.post2222178123957202452..comments2024-03-11T02:35:50.848-05:00Comments on grand stream dreams: Mandiant Red Curtain - Incident Review SoftwareUnknownnoreply@blogger.comBlogger2125tag:blogger.com,1999:blog-13777170.post-76686986135138481802007-08-20T18:39:00.000-05:002007-08-20T18:39:00.000-05:00Hi Harlan,I haven't tried openports, but have used...Hi Harlan,<BR/><BR/>I haven't tried openports, but have used tcpvcon ( <A HREF="http://www.sysinternals.com/Utilities/TcpView.html" REL="nofollow">Tcpvcon, TCPView</A> ).<BR/><BR/>I also use <A HREF="http://keir.net/vstat.html" REL="nofollow">VStat</A>, and <A HREF="http://www.tamos.com/products/nettools/" REL="nofollow">Essential NetTools</A>.<BR/><BR/>I generally use them when I am responding to a hot machine that has shown up on our virus/trojan report list before I start cleaning to make sure I note anything out of the ordinary.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-13777170.post-52419458925865923152007-08-20T17:21:00.000-05:002007-08-20T17:21:00.000-05:00Quick comment...have you tried openports.exe or tc...Quick comment...have you tried openports.exe or tcpvcon.exe instead of cports.exe for process-to-port mapping?<BR/><BR/>Just curious...I've found that openports.exe doesn't work in all instances on Win2003...<BR/><BR/>Harlan<BR/>http://windowsir.blogspot.comH. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.com