Wednesday 29 April 2015

NETWORK SCANNING TOOLS

NETWORK SCANNING/TROUBLESHOOTING TOOLS

Advanced IP Scanner: Scanning System and Network Resources

ID Serve: Banner Grabbing to Determine a Remote Target System

Amap: Fingerprint Open Ports for Running Applications

CurrPorts: Monitor TCP/IP Connections

GFI LanGuard: Scan a Network for Vulnerabilities

Nmap: Explore and Audit a Network

NetScan Tools Pro: Scanning a Network

LANSurveyor: Drawing Network Diagrams

Friendly Pinger: Mapping a Network

Nessus: Scanning a Network

Global Network Inventory: Auditing Scanning

Proxy Switcher: Anonymous Browsing

Proxy Workbench: Daisy Chaining

HTTPort: HTTP Tunneling

MegaPing: Basic Network Troubleshooting

G-Zapper: Detect, Delete and Block Google Cookies

Colasoft Packet Builder: Scanning the Network

Dude: Scanning Devices in a Network

NMAP PORT SCANNING COMMANDS


1. To scan UDP ports of a host
nmap -v -sU -Pn 10.10.x.xx

2. To scan TCP ports ranging from 1 to 65535 of a host
nmap -v -Pn -p1-65535 10.10.x.xx
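
As an added example (not from the original post): if the two scans above are rerun with nmap's -oG <file> grepable output option and the result files are concatenated, this script lists the open ports that are not on an approved baseline. The address 192.0.2.10, the file names and the sample scan lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare open ports in nmap grepable (-oG) output with an
# approved list. Hosts, ports and file names here are constructed sample data.

# Print "host port/proto" for each port reported as open in the -oG file $1.
# UDP ports shown as "open|filtered" are not confirmed open and are skipped.
open_ports() {
    awk -F'\t' '
        /^Host: / {
            split($1, h, " ")                      # h[2] = scanned address
            for (f = 2; f <= NF; f++) {
                if ($f !~ /^Ports: /) continue
                n = split(substr($f, 8), entry, ", ")
                for (i = 1; i <= n; i++) {
                    split(entry[i], p, "/")        # port/state/proto/owner/service/...
                    if (p[2] == "open") print h[2], p[1] "/" p[3]
                }
            }
        }' "$1" | sort -u
}

# Print open ports missing from the approved list $2 (one "host port/proto" per line).
unexpected_ports() {
    open_ports "$1" |
        awk -v allow="$2" '
            BEGIN { while ((getline line < allow) > 0) ok[line] = 1 }
            !($0 in ok)'
}

# Write constructed sample files into directory $1: the TCP and UDP scan
# results concatenated into scan.gnmap, plus the approved-port baseline.
write_sample() {
    {
        printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
        printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (65532)\n'
        printf 'Host: 192.0.2.10 ()\tPorts: 123/open/udp//ntp///, 161/open|filtered/udp//snmp///\tIgnored State: closed (998)\n'
    } > "$1/scan.gnmap"
    printf '%s\n' '192.0.2.10 22/tcp' '192.0.2.10 80/tcp' '192.0.2.10 123/udp' > "$1/approved.txt"
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
unexpected_ports "$demo_dir/scan.gnmap" "$demo_dir/approved.txt"   # ports to investigate
rm -rf "$demo_dir"
```

Running the same comparison after each scheduled scan shows when a host starts listening on a port that was not in the baseline.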

Tuesday 28 April 2015

UNHIDE THE HIDDEN FILES AND FOLDERS IN WINDOWS

How to un-hide all the files and folders in Windows?
How to un-hide all the files and folders in Windows when the hide option is locked?
How to un-hide all the files and folders in Windows that were hidden and locked by a virus?

1. Open a command prompt from the Start menu and run the following command to un-hide the files in the f: drive.
attrib -r -s -h f:\*

2. Open a command prompt from the Start menu and run the following command to un-hide the files and folders in the f: drive.
attrib -r -s -h f:\* /s /d

Friday 24 April 2015

IBM QRADAR WINCOLLECT AGENT INSTALLATION AND CONFIGURATION

WinCollect Agent Installation, Configuration and Troubleshooting

NOTE: Always install the WinCollect agent with Admin privileges.
Always stop the service, then start it.
Always stop the service before uninstalling the WinCollect agent.
Always delete the previous WinCollect agent folder from the hard drive when re-installing.

WinCollect Installation Steps:
1. Always install the WinCollect agent with Admin privileges

2. Click Next

3. Accept the agreement and Click Next

4. Leave the user name and organization as they are and click Next

5. Select the installation path: if you have space on the C: drive, leave it as it is; otherwise change it
Note: WinCollect can cache 600 MB of logs (as per setting) in the default path

6. Enter the Host Identifier (IP or hostname), then the Authentication Token, then the SIEM server or log collector IP in "Configuration Console (host and port):"; leave the "Syslog Status Server ..." section blank and click Next.
Note: The Authentication Token can be taken from the SIEM server web console: "Admin" tab, then the "User Management" section, then "Authorized services"

7. Click "Enable Automatic Log Source Creation" and enter the log source name that will appear in the SIEM, and the log source identifier (the IP or hostname entered as Host Identifier in the previous step).

8. Click Next without any changes

9. Click Install

10. Click Finish

WinCollect DSM Configuration Steps

To collect multiple logs from one server, such as OS logs and any .txt or .log file of an application on that server, follow the steps below for DSM configuration:
1. Add a DSM to collect OS logs and select "security", "system", and "application", or as per requirement.
2. Add a DSM to collect .txt or .log file logs from the same server.