wp020858a3.gif
wp5dd1dbef.gif
wp020858a3.gif
wp5dd1dbef.gif
wp020858a3.gif
wp5dd1dbef.gif
wp020858a3.gif
wp5dd1dbef.gif
wp020858a3.gif
wp5dd1dbef.gif
wp020858a3.gif
wp5dd1dbef.gif
wp020858a3.gif
wp020858a3.gif
wp020858a3.gif
wp020858a3.gif
wp020858a3.gif
wp020858a3.gif
wp020858a3.gif
wp020858a3.gif

Performance Networks

wpbbb9a36e_0f.jpg

Performance Networks

wp2d109bc4.png

Remote Command tool: Useful for running commands on many PC’s at once. I created this script a couple of years ago, add a username and password with admin rights on the PC’s to the remote command.bat file, add your dos command to the command.bat file, and a list of computer names to the Computers.txt file. Once run you will see the commands as they run on each PC. Note: uses Microsoft’s formally Sysinternals psexec.exe

wp2d109bc4.png

Live Response tool: Every Network/System Administrator should have these tools available to run on a server or workstation they suspect has been compromised by hackers. The zip file contains a few Sysinternals PS Tools files and FPort by Found stone. Fport maps ports that are open to running processes on the compromised Server/PC and the PS Tools map who is logged on and services running etc.

 

Note: The log file created can be quite large as the script logs the file created and last accessed date if you do not need this you should remove from the commands.bat file. If you are trying to capture an actual hacking incident as it is taking place and you would like to use the evidence in a later case against the hacker, it may be wise to use Netcat or \\ServerName\Share\Logfile.txt on a master PC to avoid writing the log file to the C drive of the Server.