Cyber Securities Technology Logo Next-generation software for computer investigations of live computers inenterprises
Photo

Tour Background
1. Logging into OnLineDFS
2. Creating an inquiry
3. Logging into the target system
4. The initial acquisition
5. Analyzing data
6. Acquiring state data
7. Acquiring files
8. Displaying data
9. Continuing the investigation
10. Logging out

OnLineDFS: A Guided Tour


Background | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

9. Continuing the investigation (continued) <-- Previous Next -->

The Detailed Process Information screen for the micr.exe process then appears, shown in Figure 22. It includes a list of Open Network Ports, revealing an open network connection at port 6667. This indicates a high likelihood that Wallace was actively communicating with his external contact while the investigation was being performed. Based on his knowledge of mIRC, Miller knows there's a chance that the ongoing chat is being automatically logged by mIRC.

Figure 22 - Detailed Process Information
Figure 22 - Detailed Process Information

Back to top <-- Previous Next -->

Copyright © 2008 Cyber Security Technologies Corporation, All Rights Reserved. Terms & Conditions