[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security Setup: how to respond to a portscan (This is long!)

On Sun, Oct 03, 1999 at 11:01:15PM +0200, Jan Vroonhof wrote:

> localhost still have access). I think you are more or less safe as
> long as you don't do stupid things with xhosts.

xhost + anyone?

> > (6) I'd like to be able to respond to a port scan attempt in real-time,
> >     and possibly stop it altogether.
> >     What programs are available in debian to do this ?

> I don't think there is much you can do about it, at least not quickly.
> port scans are so common that a lot of people think it isn't worth the
> hassle.

Have a look arond securityfocus.com - there are several tools which will
automatically blackhole based on various rules.

> > Thanks for reading the email (if you made it this far!). I definitely
> > intend to take security of my system more seriously from now.

> I know the feeling. The first time I connect our lap-top to the
> network at my  girl-friends work I got portscanned after 15 minutes or
> so. It is scary.

Speaking of which, does anyone have recommendations for logfile

Mark Brown  mailto:broonie@tardis.ed.ac.uk   (Trying to avoid grumpiness)
EUFS        http://www.eusa.ed.ac.uk/societies/filmsoc/

Attachment: pgpLWzZZoogdS.pgp
Description: PGP signature

Reply to: