From owner-freebsd-security Sun Mar 25 1:26:27 2001
Delivered-To: freebsd-security@freebsd.org
Received: from axis.tdd.lt (axis.tdd.lt [193.219.211.5])
	by hub.freebsd.org (Postfix) with ESMTP id 206EE37B71B
	for ; Sun, 25 Mar 2001 01:26:23 -0800 (PST)
	(envelope-from domas.mituzas@delfi.lt)
Received: from localhost (midom@localhost)
	by axis.tdd.lt (8.11.1/8.11.1) with ESMTP id f2P9QFa52024;
	Sun, 25 Mar 2001 11:26:15 +0200 (EET)
Date: Sun, 25 Mar 2001 11:26:15 +0200 (EET)
From: Domas Mituzas
X-Sender: midom@axis.tdd.lt
To: jessemonroy@email.com
Cc: security@FreeBSD.ORG
Subject: Re: Fwd: A Simple TCP Port Alarm
In-Reply-To: <200103250146.RAA36357@dnull.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

> I've written a simple TCP port alarm in Perl.
> The default configuration spoofs the daytime service on port 13.
> It logs all connections, then emails to the configured recipient.
> You can check it out at:

How is it connected with security? :-)

Actually tcpwrappers (hosts.allow) support various actions on denied or
accepted connections, like sending email message or a bomb to the
blackhat. There are a lot of other tools like portsentry, that happen to
be rather successful.

And connections to daytime service are often very hazardous. Time is very
valuable information, so we'd log all connections, that are trying to
obtain it from us, cause a simple leak will make whole network open to bad
guys.

No offence, congrats dear Linux coder, you've written your first public
software :) (How long are you going to support it?)

Regards,
Domas

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message