Skip to main content

Monitor secret connections that your computer makes.

How to see which websites your computer is secretly connecting to?


 Has your Internet connection become slower than it should be? 
There may be a chance that you have some malware, spyware, 
or adware that is using your Internet connection in the 
background without your knowledge. Here’s how to see what’s
 going on under the hood.

 It’s worth noting that most third-party firewalls will probably give you 
this same type of information as well as block things that are trying to
 connect… unless the applications managed to add an exclusion already. 
Better check anyway.
So, how do you find out what the problem is? There is an easy method using the netstat 
command from a command prompt window. This works with Windows 10, 8, 7, Vista, and XP.
 If you’re still using XP, make sure you are running at least Service Pack 2, 
and just assume that somebody already hacked your computer because your operating 
system is now a teenager.

 We will use the netstat command to generate a list of everything that has made an
 Internet connection in a specified amount of time. To use the netstat command, 
you must run the command prompt window as administrator.

 press windows key plus r and type cmd. press enter.(make sure you run it as admin)

 At the command prompt, type the following command and press Enter.

     netstat -abf 5 > activity.txt

 The –a option shows all connections and listening ports, the –b option 
shows you what application is making the connection, and the –f option 
displays the full DNS name for each connection option for easier 
understanding of where the connections are being made to. 
You can also use the –n option if you wish to only display the IP address.
 The 5 option will poll every 5 seconds for connections to make it more easy to track 
what is going on, and the results are then piped into the activity.txt file.
Wait about two minutes and then press Ctrl + C to stop the recording of data.
Once you’ve finished recording data, you can simply open the activity.txt file in your 
favorite editor to see the results, or you can type activity.txt at the command line to
 open it in Notepad.

 The resulting file will list all processes on your computer (browsers, IM clients, 
email programs, etc.) that have made an internet connection in the last two minutes,
 or however long you waited before pressing Ctrl + C. It also lists which processes
 connected to which websites.

 If you see process names or website addresses with which you are not familiar, you 
can search for “what is (name of unknown process)” in Google and see what it is. 
It may be a system function you don’t know about or a function of one of your running 
programs. However, if it seems like a bad site, you can use Google again to 
find out how to get rid of it.
Labels:

Comments

Post a Comment

Popular posts from this blog

Hiding files inside an Image on Android

You can hide your files behind an image and this technique is called Steganography. So lets get started. What is Steganography Steganography is an art of hiding a file, message, audio, video, or image within another file, message, audio, video, or image. The word steganography comes from two greek words "steganos" (meaning: concealed) and "graphein" (meaning: writing). The basic difference between cryptography and Steganography is that in cryptography only the message is hidden, but in Steganography, the message and the secret communication are hidden. A lot of good steganographic tools are available for Windows, Mac, and Linux, but not that much for the Android operating system. Now lets see how you can do the same GETTING STARTED Here is how to hide any file inside any image file on android: 1. First, you have to download NiaStego and install it on your android device. 2. Open the app, then you will see a window as shown below. 3. T...
Post a Comment
Read more

Fileless Ransomware - All you need to know.

Fileless Ransomware - All you need to know. Many global companies, banks, and even some government organizations are struggling to protect everything from the newest type of threat that scared the world — Fileless Ransomware. The new version of ransomware has arrived — it’s stealthy, almost impossible to detect and is forcing every vulnerable organization to pay the ransom to cyber criminals. These attacks are called “fileless” or non-malware ransomware attacks in which the attack executes malicious commands with Microsoft’s PowerShell. It’s really important to mention that Non-malware or file-less ransomware (unlike some traditional ransomware) does not use any of the files to encrypt your data, but instead it writes scripts/macros which originate from PowerShell to encrypt the files. Fileless malware is a unique type of software and it's really difficult to detect because the malicious code is embedded into the native scripting language or written straight in...
Post a Comment
Read more