Fw: scanning

From: Himicos (himicos@hotmail.com)
Date: 12/30/02

  • Next message: Alberto Gonzalez: "Re: scanning"
    From: "Himicos" <himicos@hotmail.com>
    To: <paras@bajranet.com.np>, <security-discuss@linuxsecurity.com>
    Date: Mon, 30 Dec 2002 18:21:37 +0200

    Although not primarily developed for port scanning, tcpdump can provide some
    useful insight of your network's traffic. It requires surfing through logs
    and keeping an eye on it, but on the whole (combined with arp poisoning if
    on a switched network) it is a quite informative since it operates on a low
    level ( the host-to-host layer of the tcp/ip stack). Hope this helps.

    o himicos tis geitonias sas (your neighborhood's friendly chemist)

    ----- Original Message -----
    From: paras <paras@bajranet.com.np>
    To: <security-discuss@linuxsecurity.com>
    Sent: Monday, December 30, 2002 12:31 PM
    Subject: scanning

    > hi all
    > what is the best tool to use to monitor my network and my servers for
    > intruders and hackers?. if some one scans my network i want the action to
    > notice in my mail or something like that.
    > i have heard of snort. beside this which is better tool?
    > Thanks
    > Paras.
    > ------------------------------------------------------------------------
    > To unsubscribe email security-discuss-request@linuxsecurity.com
    > with "unsubscribe" in the subject of the message.
         To unsubscribe email security-discuss-request@linuxsecurity.com
             with "unsubscribe" in the subject of the message.