Date: Sun, 24 Oct 1999 15:26:57 +0930 (CST)
From: Mark Newton <newton@atdot.dotat.org>
To: arussell@bifrost.agrknives.com (A.G. Russell IV)
Cc: security@FreeBSD.ORG
Subject: Re: kernel patch to detect port scan, without turning on ports...
Message-ID: <199910240556.PAA55113@atdot.dotat.org>
In-Reply-To: <199910240554.AAA11814@bifrost.agrknives.com> from "A.G. Russell IV" at Oct 24, 99 00:54:22 am

A.G. Russell IV wrote:
> Sorry if this is redundant,
> I'm looking for the kernel patch to allow detection of a port scan without
> turning on each of the ports.

Execute the following:

    sysctl -w net.inet.tcp.log_in_vain=1
    sysctl -w net.inet.udp.log_in_vain=1

You'll get a console log message whenever someone tries to reach a
port which isn't listening.

- mark
--------------------------------------------------------------------
I tried an internal modem, newton@atdot.dotat.org
but it hurt when I walked. Mark Newton
----- Voice: +61-4-1620-2223 ------------- Fax: +61-8-82231777 -----
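
One way to turn the console messages described above into a port-scan signal, as an added example that is not part of Mark Newton's message: group the logged attempts by source address and report sources that tried many distinct closed ports. The message format in the regex, the `min_ports` threshold, the function names and the sample lines (documentation address ranges) are assumptions made for this example.

```python
import re
from collections import defaultdict

# Assumed message shape with log_in_vain enabled; some releases append
# " flags:0x.." to TCP lines, which the pattern tolerates.
ATTEMPT_RE = re.compile(
    r"Connection attempt to (?P<proto>TCP|UDP) "
    r"(?P<dst>\S+):(?P<dport>\d+) from (?P<src>\S+):(?P<sport>\d+)"
)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
Oct 24 15:30:01 gw /kernel: Connection attempt to TCP 192.0.2.10:21 from 198.51.100.7:40112
Oct 24 15:30:01 gw /kernel: Connection attempt to TCP 192.0.2.10:23 from 198.51.100.7:40113
Oct 24 15:30:01 gw /kernel: Connection attempt to TCP 192.0.2.10:25 from 198.51.100.7:40114 flags:0x02
Oct 24 15:30:02 gw /kernel: Connection attempt to UDP 192.0.2.10:137 from 203.0.113.20:137
Oct 24 15:30:02 gw /kernel: Connection attempt to TCP 192.0.2.10:79 from 198.51.100.7:40115
Oct 24 15:30:02 gw /kernel: Connection attempt to TCP 192.0.2.10:23 from 198.51.100.7:40119
Oct 24 15:30:03 gw /kernel: Connection attempt to TCP 192.0.2.10:110 from 198.51.100.7:40116
Oct 24 15:30:03 gw /kernel: Connection attempt to TCP 192.0.2.10:111 from 198.51.100.7:40117
Oct 24 15:30:04 gw sendmail[212]: starting daemon
Oct 24 15:31:10 gw /kernel: Connection attempt to UDP 192.0.2.10:137 from 203.0.113.20:137
Oct 24 15:31:40 gw /kernel: Connection attempt to TCP 192.0.2.10:113 from 203.0.113.20:1045
"""


def parse_attempt(line):
    """Return (proto, source address, destination port) or None."""
    m = ATTEMPT_RE.search(line)
    return (m["proto"], m["src"], int(m["dport"])) if m else None


def find_scanners(lines, min_ports=5):
    """Map each source that probed >= min_ports distinct closed ports
    to the sorted list of (proto, port) pairs it tried."""
    probed = defaultdict(set)
    for line in lines:
        hit = parse_attempt(line)
        if hit:
            proto, src, dport = hit
            probed[src].add((proto, dport))  # set: repeats count once
    return {s: sorted(p) for s, p in probed.items() if len(p) >= min_ports}


if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG.splitlines()).items():
        print(src, "probed", len(ports), "closed ports:", ports)
```

Counting distinct ports rather than raw lines keeps a single chatty client, such as the repeated UDP 137 sender in the sample, from being reported as a scanner.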
