Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 4 May 2003 22:07:43 -0700 (PDT)
From:      Jeff Jirsa <jeff@unixconsults.com>
To:        admin <admin2@enabled.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: port scanning detection
Message-ID:  <20030504220634.E31050-100000@boris.st.hmc.edu>
In-Reply-To: <20030505044937.M68945@enabled.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 4 May 2003, admin wrote:

>
>
> Hey,
>
> Is there a good Program out there that can assist me with identifying when I
> am getting portscanned and possible origination?


If you're running a firewall, set the firewall to log connection attempts
to ports not in use.

If you're not running a firewall, run the command:

sysctl net.inet.tcp.log_in_vain=1

When you're port scanned, you'll see the connection attempts in `dmesg -a`
and on the console.

- Jeff



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030504220634.E31050-100000>