AIX 5.2 local portscanner?
From: Tony Brown (tony.brown2_at_comcast.net)
Date: 10/12/05
- Previous message: Imhotep: "Re: Wireless security"
- Next in thread: Donnie: "Re: AIX 5.2 local portscanner?"
- Reply: Donnie: "Re: AIX 5.2 local portscanner?"
- Reply: Moe Trin: "Re: AIX 5.2 local portscanner?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 11 Oct 2005 23:15:30 -0500
My network guys tell me that one of our local machines is sending out
port scans to a particular host. The "attacking" machine is AIX 5.2.
I have been tcpdumping for 2 days and have not seen anything
significant. I installed lsof and nothing is showing up. For clarity
I installed this and am monitoring on the "attacking" machine. Still
the port scans exist.
Does anyone know of a tool that will definitively tell me what process
is causing this?
TIA,
T.
- Previous message: Imhotep: "Re: Wireless security"
- Next in thread: Donnie: "Re: AIX 5.2 local portscanner?"
- Reply: Donnie: "Re: AIX 5.2 local portscanner?"
- Reply: Moe Trin: "Re: AIX 5.2 local portscanner?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
