Scribd
Upload
279 views3 pages

7.0.1.2 Class Activity - What's Going On

This document provides instructions for an activity to identify processes running on a computer using TCPView software. The objectives are to identify processes, protocols, and local and remote port addresses. Students will download and install TCPView, then answer questions about the number of endpoints listed, those listening and established. They will observe TCPView as a browser is used and closed, noting the colors and process changes. This allows them to understand how programs communicate over the network.

Uploaded by

c583706
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
279 views3 pages

7.0.1.2 Class Activity - What's Going On

This document provides instructions for an activity to identify processes running on a computer using TCPView software. The objectives are to identify processes, protocols, and local and remote port addresses. Students will download and install TCPView, then answer questions about the number of endpoints listed, those listening and established. They will observe TCPView as a browser is used and closed, noting the colors and process changes. This allows them to understand how programs communicate over the network.

Uploaded by

c583706
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Class Activity – What's Going On?

Objectives
Identify the processes running on a computer, the protocol they are using, and their local and remote port
addresses.

Background / Scenario
For a hacker to establish a connection to a remote computer, a port must be listening on that device. This
may be due to infection by malware, or a vulnerability in a legitimate piece of software. A utility, such as
TCPView, can be used to detect open ports, monitor them in real-time, and close active ports and processes
using them.

Required Resources
 PC with Internet access
 TCPView software

Step 1: Download and install the TCPView software.


a. Click on the link below to reach the download page for TCPView.
http://technet.microsoft.com/en-us/sysinternals/tcpview.aspx

b. Create a folder on the desktop named “TCPView”.

 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 1 of 3 www.netacad.com
Class Activity – What’s Going On?

c. Extract the contents of the zip to this new folder.

d. Double-click the Tcpview Application to start it.


e. Finally, Agree to the software license terms.

Step 2: Answer the following questions.


a. How many Endpoints are listed?
____________________________________________________________________________________
b. How many are Listening?
____________________________________________________________________________________

 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 2 of 3 www.netacad.com
Class Activity – What’s Going On?

c. How many Endpoints are Established?


____________________________________________________________________________________

Step 3: Use a browser and observe the TCPView window.


a. Open the Options menu and click “Always on Top”.
Note: Use the Help section of the program to help you answer the following questions.
b. Open any browser.
What happens in the TCPView window?
____________________________________________________________________________________
____________________________________________________________________________________
c. Browse to cisco.com.
What happens in the TCPView window?
____________________________________________________________________________________
____________________________________________________________________________________
d. Close the browser.
What happens in the TCPView window?
____________________________________________________________________________________
____________________________________________________________________________________
What do you think the colors mean?
____________________________________________________________________________________
____________________________________________________________________________________
Note: To close a process directly, right-click the process and choose End Process. Using this method can
cause a program or the operating system to become unstable. Only end processes that you know are safe to
end. This method can be used to stop malware from communicating.

 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 3 of 3 www.netacad.com

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy