Board index Linux Security

scanning and security

scanning and security

Post by highlande » Mon, 11 Dec 2000 21:03:33



Hello
    Does it exist scaner under linux which can scan many adreses
looking for a special one (for example with opened port 23) ?
What about scaners using SYNC method (not fully connecting)?
How can i secure before such scaner?
Are there any logs? What can i do?
Can I identify IP which scanned me?

Thanx
Michael

 
 
 
Top

scanning and security

Post by sver » Tue, 12 Dec 2000 07:27:43



>Hello
>    Does it exist scaner under linux which can scan many adreses
>looking for a special one (for example with opened port 23) ?
>What about scaners using SYNC method (not fully connecting)?
>How can i secure before such scaner?
>Are there any logs? What can i do?
>Can I identify IP which scanned me?

>Thanx
>Michael

try Portsentry from http://www.psionic.com - it can respond to
port scans for exapmle by adding an entry into /etc/hosts.deny
or adding a new ipchains rule... and yes, it does detect SYN stealth
scans too

 
 
 
Top

scanning and security

Post by Michael Erskin » Tue, 12 Dec 2000 07:33:05



> Hello
>     Does it exist scaner under linux which can scan many adreses
> looking for a special one (for example with opened port 23) ?

Yes, nmap.

Quote:> What about scaners using SYN method (not fully connecting)?

Yes, nmap.

Quote:> How can i secure before such scaner?

ipchains
man 5 hosts_access
tcpwrappers
scanlogd

Quote:> Are there any logs?

man syslogd
Check /var/log/*

Quote:> What can i do?
> Can I identify IP which scanned me?

In the logs.

Quote:

> Thanx
> Michael

--
Remember it's one piece of string,  two bits of wood,  three feathers,  all
the rest is propaganda.  The only accuracy requirement is to be able to hit
a Frenchman on a horse at 200 paces or on foot at 60.
 
 
 
Top

1. Security Site Update/Free Security Scan

The following security sites have had changes within the last 6 hours.

http://www.hackernews.com
http://slashdot.org

If you need to stay up to date on Internet Security issues visit
http://hackerwhacker.com. We monitor all popular Security resources
and quickly inform you of those that have new information so you do
not have to waste your time on sites that are not kept up to date.

Thanks.

The Whacker

2. Alpha mobo

3. Is NCR's UNIX gone?

4. Matrox Mystique ands X.

5. grep: subdirectories

6. Acceptable Limits of Security Scan

7. Security Problems in BSDI 2.0.1?

8. Free security scans of your linux servers.

9. Security scanning with tiger..

10. security newbie - /var/log/messages scans

11. Network Scanning and Security Tools

12. Totally Free Host Security Scan - on the web-


All times are UTC
Board index