Re: Checking port scanning?

To: "Noah L. Meyerhans" <frodo@morgul.net>
Cc: Debian User List <debian-user@lists.debian.org>
Subject: Re: Checking port scanning?
From: Daniel Sand <daniel@bildbau.de>
Date: Thu, 22 Mar 2001 15:44:03 +0000
Message-id: <[🔎] 3ABA1DC3.6625A139@bildbau.de>
References: <[🔎] 01032210204202.00363@neuro> <[🔎] 01e601c0b2dc$d7141260$25edbdd0@robinson2000> <[🔎] 20010322093811.A31281@morgul.net>

Re,

"Noah L. Meyerhans" wrote:

> On Thu, Mar 22, 2001 at 08:31:53AM -0600, Brooks R. Robinson wrote:
>
> > You may also want to try iplogger.  Not only will this show ALL the ports in
> > use, not just the ones you select in portsentry.  Also, portsentry actually
> > listens on those ports it is monitoring, so if you nmap yourself for
> > security leaks, you'll see a plethora of ports open, don't freak.
>
> IIRC iplogger was obsoleted by ippl.  There were some issues with remote
> DoS attacks against hosts running iplogger.  Ippl took care of those and
> provides a more flexible logging mechanism.  Ippl is one of the very
> first packages I install on any Debian box in my control.  Once you've
> configured it right (i.e. told it not to log normal traffic like smtp
> connections) the output can be very interesting.
>

you even should try snort. even a nice choice for port scanning and other strange
attacks against your system

MfG Daniel

Reply to:

References:
- Re: Checking port scanning?
  - From: Frédéric de Villamil <neuromancien@altern.org>
- RE: Checking port scanning?
  - From: "Brooks R. Robinson" <brooks.robinson@rides.com>
- Re: Checking port scanning?
  - From: "Noah L. Meyerhans" <frodo@morgul.net>

Prev by Date: Re: security.debian.org
Next by Date: debconf asking Questions
Previous by thread: Re: Checking port scanning?
Next by thread: Re: Checking port scanning?
Index(es):
- Date
- Thread