Re: TCP/IP Port Security
From: Kurt (kryptology_at_gmail.com)
Date: 10/19/05
- Previous message: Herman Frederick Ebeling, Jr.: "RE: Wireless Security"
- In reply to: Burton Strauss: "RE: TCP/IP Port Security"
- Next in thread: ilaiy: "Re: TCP/IP Port Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 19 Oct 2005 00:17:45 -0400 To: rchdynasty@msn.com
Shot in the dark, but you could try using snort to profile your
existing network traffic and catalogue it in a smarter way than just
reviewing ethereal output, but maybe you could whip up a smart way to
do it that would work for you. Lots of cool projects out there that
might help like http://www.snort.org/dl/contrib/patches/snort-perl/ or
http://www.chaotic.org/guardian/
It is probably much easier to list just the ports/protocols/signatures
you allow on the network, and then ban everything else. No need to
worry about the dynamic nature of X11 if you don't have it on your
network.
Good luck!
> -----Original Message-----
> From: rchdynasty@msn.com [mailto:rchdynasty@msn.com]
> Sent: Tuesday, October 18, 2005 10:20 AM
> To: security-basics@securityfocus.com
> Subject: TCP/IP Port Security
>
> My company is currently looking to develop a port registry and cataloging
> process. All TCP ports will be required to be cataloged (Dynamic or
> Private/Registered/Well Known). All platforms will be addressed since we use
> various platforms.
> My question is what would be the most effect way to develop this process.
> I'm also looking for websites for reference.
>
>
- Previous message: Herman Frederick Ebeling, Jr.: "RE: Wireless Security"
- In reply to: Burton Strauss: "RE: TCP/IP Port Security"
- Next in thread: ilaiy: "Re: TCP/IP Port Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
