Which of the following tools are NOT used for logging network activities in the Linux operating
system? Each correct answer represents a complete solution. Choose all that apply.
A.
PsLoggedOn
B.
PsGetSid
C.
Timbersee
D.
Swatch
Explanation:
PsLoggedOn and PsGetSid are not logging tools. They are command-line utilities used in the
Windows operating system.
PsLoggedOn is an applet that displays both the local and remote logged on users. If an attacker
specifies a user name instead of a computer, PsLoggedOn searches the computers in the network
and tells whether the user is currently logged on or not. The command syntax for PsLoggedOn is
as follows:
psloggedon [- ] [-l] [-x] [\\computername | username]
PsGetSid is a tool that is used to query SIDs remotely. Using PsGetSid, the attacker can access
the SIDs of user accounts and translate an SID into the user name. The command syntax for
PsGetSid is as follows:psgetsid [\\computer[,computer[,…] | @file] [-u username [-p password]]] [account|SID]
Answer options C and D are incorrect. Timbersee and Swatch are tools used for logging network
activities in the Linux operating system.