Why do connections occur give reasons.Plz help me would be very helpful reward 40 points
Answers
follow and heart for my work
Explanation:
Network connections and activity on the subject system can reveal vital information about an attacker’s connection to the system, including the location of an attacker’s remote data collection server and whether the subject system is beaconing to a command and control structure, among other things.
►
In surveying a potentially infected and compromised system, try to obtain the following information about the network activity on the subject system:
•
Active network connections
•
Address Resolution Protocol (ARP) cache
•
Internal routing table.
Investigative Considerations
•
In addition to network activity analysis, conduct an in-depth inspection of open ports on the subject system, including correlation of the ports to associated processes. Port inspection analysis is discussed later in this book.
•
Rootkits can conceal specific ports and active network connections on a live system. Forensic analysis of the memory dump from the subject system can reveal such items that were not visible during the live data collection. Memory forensics is covered in Chapter 2 of Malware Forensics Field Guide for Linux Systems.
Answer:
Connection is a relationship in which a person, thing or idea is linked or associated with something else. A connection is a relationship that occurs as a result of successful networking, and its primary goal.