Firewalls: detecting port scanning

Firewalls
(January 1995)

Indexed By Thread: [Previous] [Next]

Subject:	detecting port scanning
From:	brian @ imcon . ilinx . com
Date:	Tue, 3 Jan 1995 11:10:22 -0700 (PST)
To:	firewalls @ GreatCircle . COM

With all this talk regarding port scanning, I was wondering what people are
using to monitor the unused ports on their firewalls.  I can visualize the
program which would do it, or even how to configure inetd to do the
monitoring, but puting ~65000 entries in my inetd file does not "light my
candle".

Perhaps an inetd like utility (anti-inetd) which reads the inetd.conf as
"don't watch on these ports" instead of watch on these ports as inetd does.

b.

--
Brian J. Murrell                                               brian @
 ilinx .
 com
InterLinx Support Services, Inc.                              brian @
 wimsey .
 com
North Vancouver, B.C.                                             604 983 UNIX
        Platform and Brand Independent UNIX Support - R3.2 - R4 - BSD

Follow-Ups:

Re: detecting port scanning
From: Marcus J Ranum <mjr @ tis . com>

Indexed By Date	Previous:	Re: FireWall-1 Configurations? (fwd) From: David Kovar <kovar @ NDA . COM>
Indexed By Date	Next:	Re: detecting port scanning From: Marcus J Ranum <mjr @ tis . com>
Indexed By Thread	Previous:	Re: your mail From: bmanning @ ISI . EDU
Indexed By Thread	Next:	Re: detecting port scanning From: Marcus J Ranum <mjr @ tis . com>