which of the following commands would gather the data requested by the client?

You find that a host (192.168.1.4) being used on one of your client’s networks has been
compromised with a backdoor program listening on port 31337. Your client requests a list of
originating IP addresses connecting to that port. Using a Linux workstation as traffic analyzer, which
of the following commands would gather the data requested by the client?

A.
tcpdump host 192.168.1.4 and port 31337 -w out

B.
nmap host 192.168.1.4:31337

C.
arpwatch -n 192.168.1.4/32 -p 31337 > capture

D.
pcap -d 192.168.1.4:31337

E.
ipwatch --syn 192.168.1.4 -p 31337 --log=out

Explanation:
tcpdump – dump traffic on a network
nmap – Network exploration tool and security / port scanner
http://en.wikipedia.org/wiki/Arpwatch
http://en.wikipedia.org/wiki/Pcap
http://www.scrounge.org/ipwatch/
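
As an added example (not part of the original question or its explanation), the shell function below reduces tcpdump's text output to the list the client asked for: every source IP that sent packets to 192.168.1.4 on port 31337, with a packet count. The function names, the interface name eth0 and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: list originating IPs that connect to the backdoor port.
# Capture on the analyzer (needs root; interface eth0 is an assumption):
#   tcpdump -n -i eth0 -w out host 192.168.1.4 and port 31337
# Read the capture back as text and feed it to the function:
#   tcpdump -n -r out 'dst host 192.168.1.4 and dst port 31337' | list_sources

# list_sources: reads `tcpdump -n` lines on stdin and prints "<source IP> <packets>"
# for traffic whose destination is 192.168.1.4 port 31337. Replies sent by
# the compromised host itself are ignored.
list_sources() {
    awk -v target="192.168.1.4.31337" '
        {
            for (i = 2; i < NF; i++) if ($i == ">") {
                src = $(i - 1); dst = $(i + 1)
                sub(/:$/, "", dst)               # tcpdump ends the dst with ":"
                if (dst == target) {
                    sub(/\.[0-9]+$/, "", src)    # drop the source port
                    count[src]++
                }
                break
            }
        }
        END { for (ip in count) print ip, count[ip] }
    ' | LC_ALL=C sort
}

# Constructed sample of `tcpdump -n` output (not real traffic).
sample_lines() {
cat <<'EOF'
12:00:01.000001 IP 10.0.0.5.51234 > 192.168.1.4.31337: Flags [S], seq 1, win 64240, length 0
12:00:01.000150 IP 192.168.1.4.31337 > 10.0.0.5.51234: Flags [S.], seq 9, ack 2, win 65160, length 0
12:00:02.000001 IP 10.0.0.5.51234 > 192.168.1.4.31337: Flags [.], ack 10, win 502, length 0
12:00:07.500000 IP 172.16.3.9.40022 > 192.168.1.4.31337: Flags [S], seq 5, win 64240, length 0
EOF
}

sample_lines | list_sources
```

Running with `-n` keeps addresses numeric, so the list is not altered by reverse DNS lookups during analysis.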



Marcus

A.
tcpdump host 192.168.1.4 and port 31337 -w out