Re: Port Scans and Prelude
From: Ali-Reza Anghaie (ali@packetknife.com)
Date: 02/25/03
- Previous message: Andrew Yeomans: "Re: Linux security toolkit in a box"
- In reply to: Shawn Belcourt: "Port Scans and Prelude"
- Next in thread: David D. Huff Jr.: "Re: Port Scans and Prelude"
- Reply: David D. Huff Jr.: "Re: Port Scans and Prelude"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Ali-Reza Anghaie <ali@packetknife.com> Date: Tue, 25 Feb 2003 17:38:52 -0500
Shawn Belcourt wrote:
> I recently installed the Linux MNF firewall. Its been great in the way it
> works. One of the things that I have come accross lately in the prelude
> logs is udp scan attacks from my own ISP. udp ports ranging from 1101 to
> 11136
Which system from your ISP? Are you sure it's not their DNS servers
responding?
Use Ethereal or another packet analyzer to examine the content.
Cheers, -Ali
-- OpenPGP Key: 030E44E6 -- Was I helpful?: http://svcs.affero.net/rm.php?r=packetknife -- To alcohol! The cause of - and solution to - all of life's problems! -- Homer Simpson
- Next message: kyi: "Re: iptables & nfs slowdowns"
- Previous message: Andrew Yeomans: "Re: Linux security toolkit in a box"
- In reply to: Shawn Belcourt: "Port Scans and Prelude"
- Next in thread: David D. Huff Jr.: "Re: Port Scans and Prelude"
- Reply: David D. Huff Jr.: "Re: Port Scans and Prelude"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
