Displaying 20 results from an estimated 42 matches for "portscaner".
2006 Mar 20
6
[OT maybe] netcafe firewall
...s
fate and become extinct after Check Point''s acquisition of Sourcefire
will be completed. No FUD intended on this, optimistic views are always
highly welcomed :)
Luckily denyhosts has no plans of selling itself to anyone so that''s
one project I can safely use :)
So, Open Source portscaner for CentOS... anyone... ? :)
Thank you for your time and help,
With respect,
Alex
2007 Oct 17
1
Portscans and Asterisk
Anything to do about portscans? Is there any way (should I) to see
if the connection is a legit (only SIP currently) connection BEFORE
my * answers?
[2007-10-17 19:23:46] WARNING[4191]: chan_sip.c:6624 determine_firstline_parts: Bad request protocol 01@<ASTERISK_IP> SIP/2.0
-- Executing [s at default:1] Answer("SIP/sip.jmg.se-081dd730", "") in new stack
[2007-10-17
2005 Apr 28
2
portsentry+shorewall
Hello,
i use shorewall for a very long time (2 years or so) and i use it for nat and
as firewall....i now use portsentrys to detect portscans but there is one
problem...i use the HOWTO from the shorewall mailing list to make portsentry
and shorewall work together....but there is one prob portscans get detected
and a drop rule is added to shorewall for example
shorewall drop 62.178.xxx.xx
2003 Aug 28
0
[louisk@bend.com: snort, postgres, bridge]
----- Forwarded message from Louis Kowolowski <louisk@bend.com> -----
Date: Thu, 28 Aug 2003 11:37:42 -0700
From: Louis Kowolowski <louisk@bend.com>
To: freebsd-security@freebsd.org
Subject: snort, postgres, bridge
User-Agent: Mutt/1.5.4i
I've been prowling through the FreeBSD and Snort list archives in
search of information on setting up snort on a FreeBSD bridge(4)
that logs
2005 Mar 28
1
logcheck errors after logrotate runs
--nextPart2699335.H7BBWTdPIb
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hello :)
After upgrading recently from Woody to Sarge (which went fairly well) I now=
=20
have trouble with logcheck. I have been unable to track down a solution.
Logcheck runs perfectly through the week until Sunday when logrotate does
2004 Apr 17
7
Is log_in_vain really good or really bad?
Heya..
Yesterday someone "attacked" by box by connection to several ports.. In
other words, a simple portscan.. yet, since my box has "log_in_vain"
enabled, so it tries to log everything to /var/log/messages, since the
logfile got full and the size went over 100K, it tried to rotate the log
to save diskspace.
(Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due
2010 Jan 24
8
ip conntrack table full
xen-3.0.3-94.el5_4.2
2.6.18-164.6.1.el5xen
RHEL5.4 x86_64
I''ve got a dom0 that does nothing but have a DomU created. The DomU gets
plenty of load. Over time, the dom0''s ipconntrack table fills up but not
the DomU. Once it gets full I can restart iptables and it''s fine.
The strange thing is this only happens on hosts I have provided (hardware
and hosting) from one
2003 Apr 14
1
FW: Re: Open ports
------- BEGIN FORWARDED MESSAGE -------
From: g.pardon@pi.be
To: teastep@shorewall.net
Cc:
Subject: Re: [Shorewall-users] Open ports
How am I testing this?
I''m doing a portscan using a portscanner like GFI Languard, Superscanner
and nmap to check. Those two TCP-ports always showed up. Although, I
think there are other to test it.
I read the FAQ and the phenomenon (where is that
2002 Oct 30
1
restricting interfaces.
Hello,
I've got samba running on a FreeBSD box that has two interfaces, ep0
which is an external interface, and ep1 which is for internal use only. I
only want samba to listen on ep1 so if i'm ever portscanned port 137/139
will not show up as open on the external interface. I've added these
lines to the global section of my smb.conf file:
hosts allow=192.168.0.
2005 Feb 08
2
Basic Samba functionality under SuSE 9.2
I'm trying to get Samba 3.0.9-2.3 to work under Suse 9.2. This my very
first Linux install and I'm a little at sea here. There are so many things
that could be wrong I don't know where to start.
The Windows machine I'm using as a client has TCP/IP, file/printer sharing,
and Client for MS networks. He can't see the linux machine's ("Tolkien")
shares, but he
2003 Feb 24
2
Shorewall / nmap question
I made the following adjustments to /etc/shorewall/common.def (1.3.13 with
all relevant patches).
############################################################################
# Shorewall 1.3 -- /etc/shorewall/common.def
#
# This file defines the rules that are applied before a policy of
# DROP or REJECT is applied. In addition to the rules defined in this file,
# the firewall will also define a
1999 Mar 26
3
*ALERT*: ADM Worm. Worm for Linux x86 found in wild.
-=> To moderator:
I don't know whether it's wise to release the FTP-location
I would recommend everyone to just look over their daemons, and run
something like nessus against theirselves...
Greetings,
Jan-Philip Velders
---------- Forwarded message ----------
Date: Thu, 25 Mar 1999 16:26:59 -0700
From: "Ben Cantrick (Macky Stingray)" <mackys@MACKY.RONIN.NET>
To:
2000 Jan 20
1
Unsupported Printers - just "sticks" in the lpd queue ;(
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello:
I've configured a Linux box with Samba to act as a secondary domain
controller for an existing NT server. I've gotten everything working very
nicely, all my file shares set up, etc.
I've got 6 printers that I need to set up as print shares. The ones that
speak Postscript or PCL were very easy to set up, and work admirably.
2004 Jun 07
1
freebsd-security Digest, Vol 61, Issue 3
On Sat, 29 May 2004 12:00:52 -0700 (PDT),
<freebsd-security-request@freebsd.org> wrote:
Hello !
Today i see in snort logs :
[**] [1:528:4] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
06/07-09:44:39.044590 127.0.0.1:80 -> 10.6.148.173:1566
TCP TTL:128 TOS:0x0 ID:577 IpLen:20 DgmLen:40
***A*R** Seq: 0x0 Ack: 0x75830001 Win: 0x0 TcpLen:
2006 Jul 18
7
Port scan from Apache?
Hi everyone,
today I got an e-mail from a company claiming that my server is doing
port scans on their firewall machine. I found that hard to believe so I
started checking the box.
The company rep told me that the scan was originating at port 80 with
destination port 8254 on their machine. I couldn't find any hints as to
why that computer was subject to the alleged port scans. Searching
2003 Aug 03
1
ipfw or ipf w/stateful behavior
Hi,
first i must tell you, that my english is not the best,
i hav learned my english from manpages and documentation.
Please excuse this.
I have setted up a Box w/FreeBSD 4.7-RELEASE for connecting
to the w3 through an DSL/ATM-Connection.
Now i know the stateful handling of firewall-rules under linux
with iptables.In the second i have understand that FreeBSD comes with the
netfilter-extensions.
2005 Aug 26
0
portsentry and proftpd RPMs available
Just dropping a note, I've built CentOS4 friendly RPMs (as well as RHEL4
and FC4) of two of my favourite tools, PortSentry and ProFTPd:
ftp://ftp.pbone.net/mirror/ftp.falsehope.net/home/tengel/portsentry/CentOS4/
ftp://ftp.pbone.net/mirror/ftp.falsehope.net/home/tengel/proftpd/CentOS4/
PortSentry is built using the last known (RedHat 9 based) SPEC/patches
from FreshRPMS, updated to apply
2007 Jul 31
0
AsteriskNOW and Custom VoIP
Guys,
I've downloaded AsteriskNOW few days ago so I'm new to this product.
The first issue is on service provider area.
I've already used a VoIP account already configured with my ISP, it
works fine!
This configuration has been used until now with the client SJphone,
Now I would use this profile as main VoIP service provider to setup
in AsteriskNOW.
Here are the profile detail as
2007 Nov 22
4
Port 631 closed, not hidden
I have the firewall turned on my CentOS 5 box, but GRC is
reporting that 631 is closed instead of stealthed. If the
firewall isn't configured to allow that, then why might that
be happening?
Miark
2003 Apr 16
0
[Bug 78] New: -m psd -j TARPIT returns all ports open from nmap
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=78
Summary: -m psd -j TARPIT returns all ports open from nmap
Product: iptables userspace
Version: unspecified
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P2
Component: unknown
AssignedTo: