Stefan Becker wrote:
Hi everybody, There has been alot of talk about portscans. What utility are you using to detect a portscan. Do I NEED a firewall before I can detect a portscan on the machine.
There is a packed named scanlogd in the sec series. Just installed it. Funny, there are no man pages, no discription in /usr/doc/packages. Someone any helpful pointers?? Juergen
Could someone please point me to utility / package to simply detect such a portscan and send a mail to me (the Network Admin).
thanks, Stefan Becker LUFA Speyer
becker@lufa-sp.vdlufa.de
Right. But, as as my log-files show, in many cases an attack follows the port scan.
I _always_ contact the gateway admin if I find a port scan, and, in some cases, they find out that somebody intruded in their systems.
So I think it is helpful to inform admins about port scans that come from their systems. It's one way to avoid attacks followed by port scans.
Regards,
Martin
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- =========================================== __ _ Juergen Braukmann juergen.braukmann@gmx.de| -o)/ / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | /\\ /__/ / _ \/ // /\ \/ / ===========================================_\_v __/_/_//_/\_,_/ /_/\_\