Saturday, June 4, 2016

Find a malicious or hacked file in Linux

First, list the outgoing connections with the following command:

netstat -nputwN

Review the connections and find the one that is trying to attack other systems; the PID/Program name column shows the process that owns it. In this scenario that is PID 11009.

Then use the following command to list the files that process is using:

lsof -p 11009
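
The two steps above can be sped up on a busy host by ranking processes by how many distinct remote hosts they talk to. The script below is an added example, not part of the original post: the function names, the sample rows (documentation address ranges, with PID 11009 reused from the scenario) and the "most distinct remote hosts" ranking are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -nputwN` output; every row is made up.
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 10.0.0.5:22             203.0.113.7:51514       ESTABLISHED 812/sshd: admin
tcp        0      1 10.0.0.5:48312          198.51.100.10:22        SYN_SENT    11009/perl
tcp        0      1 10.0.0.5:48314          198.51.100.11:22        SYN_SENT    11009/perl
tcp        0      1 10.0.0.5:48316          198.51.100.12:22        SYN_SENT    11009/perl
tcp        0      0 10.0.0.5:48320          198.51.100.12:22        ESTABLISHED 11009/perl
udp        0      0 10.0.0.5:68             10.0.0.1:67             ESTABLISHED 640/dhclient
tcp        0      0 10.0.0.5:40022          192.0.2.44:443          TIME_WAIT   -
EOF
}

# Reads netstat output on stdin and prints "distinct_remote_hosts pid program",
# one line per process, busiest first.
summarize_conns() {
  awk '
    $1 ~ /^(tcp|udp|raw)/ {
      owner = ""
      # UDP/raw rows may have no State column, so find PID/Program by its shape.
      for (i = 6; i <= NF; i++) if ($i ~ /^[0-9]+\//) { owner = $i; break }
      if (owner == "") next              # "-" means no owning process is visible
      host = $5; sub(/:[^:]*$/, "", host)  # drop the port
      if (host ~ /^127\./ || host == "::1" || host == "0.0.0.0" || host == "::") next
      pid = owner; sub(/\/.*/, "", pid)
      prog = owner; sub(/^[0-9]+\//, "", prog)
      if (!((pid, host) in seen)) { seen[pid, host] = 1; n[pid]++ }
      name[pid] = prog
    }
    END { for (p in n) print n[p], p, name[p] }
  ' | sort -k1,1nr -k2,2n
}

# Reads netstat output on stdin and prints the PID with the most distinct remote hosts.
top_pid() { summarize_conns | awk 'NR == 1 { print $2 }'; }

if [ "${1:-}" = "--live" ]; then
  netstat -nputwN 2>/dev/null | summarize_conns   # run as root to see every PID
else
  sample_netstat | summarize_conns
fi
```

Run it with `--live` as root, then pass the PID from the top line to `lsof -p`. A high count is only a lead, since busy legitimate services also reach many hosts.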

