Scribd Logo
Upload

Welcome to Scribd!

  • 15.0.3 Class Activity - What Is Going On

    Uploaded by

    krisna mulyana
    52 views3 pages
    The document describes a class activity to identify processes running on a computer using TCPView software. It has three parts: 1) download and install TCPView, 2) answer questions about current processes and ports, 3) observe the TCPView window while using a browser. When a browser is opened, new green processes appear in TCPView and may change color. Browsing a site causes more green processes which also change color over time. When the browser closes, the processes disappear and some turn red. The colors in TCPView likely indicate process status - green for starting, yellow for waiting, red for closing, and white for running.

    Original Description:

    Original Title

    15.0.3 Class Activity - What is Going On

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document describes a class activity to identify processes running on a computer using TCPView software. It has three parts: 1) download and install TCPView, 2) answer questions about current processes and ports, 3) observe the TCPView window while using a browser. When a browser is opened, new green processes appear in TCPView and may change color. Browsing a site causes more green processes which also change color over time. When the browser closes, the processes disappear and some turn red. The colors in TCPView likely indicate process status - green for starting, yellow for waiting, red for closing, and white for running.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    52 views3 pages

    15.0.3 Class Activity - What Is Going On

    Uploaded by

    krisna mulyana
    The document describes a class activity to identify processes running on a computer using TCPView software. It has three parts: 1) download and install TCPView, 2) answer questions about current processes and ports, 3) observe the TCPView window while using a browser. When a browser is opened, new green processes appear in TCPView and may change color. Browsing a site causes more green processes which also change color over time. When the browser closes, the processes disappear and some turn red. The colors in TCPView likely indicate process status - green for starting, yellow for waiting, red for closing, and white for running.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 3

    Class Activity - What's Going On?

    Objectives
    Identify the processes running on a computer, the protocol they are using, and their local and remote port
    addresses.
    Part 1: Download and install the TCPView software.
    Part 2: Answer the following questions.
    Part 3: Use a browser and observe the TCPView window.

    Background / Scenario
    For a hacker to establish a connection to a remote computer, a port must be listening on that device. This
    may be due to infection by malware, or a vulnerability in a legitimate piece of software. A utility, such as
    TCPView, can be used to detect open ports, monitor them in real-time, and close active ports and processes
    using them.

    Required Resources
     PC with Internet access
     TCPView software

    Instructions

    Part 1: Download and install the TCPView software.


    a. Click the link below to reach the download page for TCPView.

     2017 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 3 www.netacad.com
    Class Activity - What's Going On?

    http://technet.microsoft.com/en-us/sysinternals/tcpview.aspx

    b. Create a folder on the desktop named TCPView.


    c. Extract the contents of the zip to this new folder.
    d. Start the Tcpview Application.
    e. Finally, Agree to the software license terms.

     2017 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 3 www.netacad.com
    Class Activity - What's Going On?

    Part 2: Answer the following questions.


    a. How many Endpoints are listed? 55

    b. How many are Listening? 23

    c. How many Endpoints are Established? 1

    Part 3: Use a browser and observe the TCPView window.


    a. Open the Options menu and click “Always on Top”.
    Note: Use the Help section of the program to help you answer the following questions.
    b. Open any browser.

    What happens in the TCPView window?

    beberapa proses browser terbuka dan berubah menjadi hijau di layar, kemudian beberapa mungkin
    berubah menjadi kuning, merah, atau putih

    c. Browse to cisco.com.

    What happens in the TCPView window?

    lebih banyak proses browser terbuka sebagai hijau di layar, kemudian beberapa mungkin berubah
    menjadi kuning, merah, atau putih.

    d. Close the browser.

    What happens in the TCPView window?

    Proses browser menghilang, setelah beberapa waktu, beberapa proses browser berubah menjadi merah
    saat ditutup.

    What do you think the colors mean?

    Garis hijau menunjukkan proses yang dimulai, garis kuning menunjukkan proses yang menunggu untuk
    dibuka atau ditutup, garis merah menunjukkan proses yang sedang ditutup, dan garis putih menunjukkan
    proses yang sedang berjalan.

    Note: To close a process directly, right-click the process and choose End Process. Using this method can
    cause a program or the operating system to become unstable. Only end processes that you know are safe to
    end. This method can be used to stop malware from communicating.
     2017 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 3 www.netacad.com

    You might also like