RE: Port scanning question

From: David Gillett (gillettdavid_at_fhda.edu)
Date: 07/03/03

  • Next message: Erik Rissanen: "Re: Ten least secure programs"
    To: "'Thom Larner'" <thom@thiri.com.au>, <security-basics@securityfocus.com>
    Date: Thu, 3 Jul 2003 09:37:23 -0700
    
    

      You should be able to see this in your firewall logs --
    a series of blocked connection attempts to unused ports
    on your servers, usually followed by a similar set of
    attempts on the next server address.

    David Gillett

    > -----Original Message-----
    > From: Thom Larner [mailto:thom@thiri.com.au]
    > Sent: June 30, 2003 16:38
    > To: 'security-basics@securityfocus.com'
    > Subject: Port scanning question
    >
    >
    > Hi all,
    >
    > As a relative newcomer to the security field, but with a
    > reasonable amount
    > of experience in sys admin roles, I am now responsible for the network
    > security of the (small) company I work for. One of the
    > things I would like
    > to do is determine if (when) our web server, which hosts our
    > applications,
    > is being port scanned. How do I go about this? Are there
    > (free or cheap)
    > tools that will help you do this? We run both Solaris and
    > W2K Server boxes,
    > and I would like to check both.
    >
    > Now I just have to determine what, if anything, to do if
    > (when) we are being
    > scanned...
    >
    > Thanks in advance for your help.
    >
    > Cheers,
    >
    > Thom.
    >
    > --------------------------------------------------------------
    > -------------
    > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by
    > top analysts!
    > The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    > while InStat has confirmed Neoteris as the leader in marketshare.
    >
    > Find out why, and see how you can get plug-n-play secure
    > remote access in
    > about an hour, with no client, server changes, or ongoing maintenance.
    >
    > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    > --------------------------------------------------------------
    > --------------
    >

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------


  • Next message: Erik Rissanen: "Re: Ten least secure programs"