From: "Passki, Jonathan P"
To: "'Tobias Roth'"
Cc: questions@freebsd.org
Subject: RE: Scanning for port scans, etc
Date: Mon, 25 Sep 2000 09:14:03 -0400
Message-Id: <7799D023E51ED311BFB50008C75DD7B40223B2DB@uschiexc05.kweb.us.kpmg.com>

Heck, snort's pretty slick, too, with its logging and predefined, yet
configurable & updated rule files for port scans and a whole host of
other attacks

/usr/ports/security/snort

> -----Original Message-----
> From: Tobias Roth [mailto:roth@iamexwi.unibe.ch]
> Sent: Sunday, September 24, 2000 17:23
> To: Tommy Forrest - KE4PYM
> Cc: questions@FreeBSD.ORG
> Subject: Re: Scanning for port scans, etc
>
> > I am interested in watching my FBSD 4.0 box for people running port
> > scans and other fun things (tm) against it.
> > What applications can I look at to get started? Which are the best?
>
> check out iplog from the ports, it detects virtually any form of scan
> nmap et al. is capable of.
>
> if you want to react to the scans in some way, check out portsentry,
> also in the ports.
>
> and while you're at it, go and install logcheck, so you quickly notice
> any uncommon log entry
>
> have fun, Tobe