First, on your forensic station (one that you consider trusted), run this command to collect information: nc -v -l -p TCP_PORT_10,000 > command.txt. On the victim's PC, run the following command to send data to the forensic station: command_name | nc FORENSIC_HOST_IP_ADDRESS TCP_PORT_10,000.
In order to collect volatile data, you can use the following commands:
- To retrieve the system date and time – date
- To see current network connections (open TCP/UDP ports) – netstat -an
- To display open files – lsof lists open files, showing the files that a process has open; lsof -n lists raw IP addresses....
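
The procedure above as one script, added here as an example and not part of the original material: it runs the three listed commands on the victim's PC, frames each output with a SHA-256 trailer, and lets the forensic station check command.txt after receipt. The function names, the `send` argument and the script name collect.sh are assumptions, and sha256sum is assumed to be available on both hosts.

```shell
#!/bin/sh
# Added example (not from the original material). collect.sh, the function
# names and the "send" argument are hypothetical; sha256sum is assumed present.

# Run one command and frame its output with a header and a SHA-256 trailer,
# so command.txt can be split per command and each section verified later.
run_labeled() {
    label=$1; shift
    printf '=== BEGIN %s | %s ===\n' "$label" "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
    if command -v "$1" >/dev/null 2>&1; then
        out=$("$@" 2>&1) || true          # keep going if a tool exits non-zero
    else
        out="[tool not found: $1]"        # record the gap instead of aborting
    fi
    printf '%s\n' "$out"
    printf '=== END %s | sha256=%s ===\n' "$label" \
        "$(printf '%s\n' "$out" | sha256sum | cut -d' ' -f1)"
}

# The three volatile-data commands listed above.
collect_volatile() {
    run_labeled "date" date
    run_labeled "netstat -an" netstat -an
    run_labeled "lsof -n" lsof -n
}

# On the forensic station: recompute the hash of every section in the capture.
verify_capture() {
    checked=0; bad=0; body=
    while IFS= read -r line; do
        case $line in
            "=== BEGIN "*) body= ;;
            "=== END "*)
                want=${line##*sha256=}; want=${want%% *}
                got=$(printf '%s' "$body" | sha256sum | cut -d' ' -f1)
                checked=$((checked + 1))
                [ "$want" = "$got" ] || bad=$((bad + 1)) ;;
            *) body="$body$line
" ;;
        esac
    done < "$1"
    echo "sections=$checked mismatched=$bad"
    [ "$checked" -gt 0 ] && [ "$bad" -eq 0 ]
}

# Victim's PC: sh collect.sh send FORENSIC_HOST_IP_ADDRESS 10000
if [ "${1:-}" = "send" ]; then
    collect_volatile | nc "$2" "$3"
fi
```

The trailer hashes detect corruption or truncation in transit or storage; they do not make output from binaries on a compromised host trustworthy, so run the tools from trusted response media where possible.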