Results 1 to 5 of 5

Thread: Port Scan Warning Program?

  1. #1

    Port Scan Warning Program?

    I am looking for a program that I can run on my RH 7.2 box that will alert me via a pager if my box is under heavy scans. I would also like it to send me e-mails but I can find a few that do that already, I really want to find one that will page me. Any links or advice greatly appr. Thanx in advance.

  2. #2

    Re: Port Scan Warning Program?

    You can use PortSenty and you can set it to like send you an e-mail to your pager if your pager has an e-mail address. If your pager dosent have an e-mail address but just a telephone number I'm sure you can setup to page you somehow.

    Meanwhile check this out.
    http://www.linuxnewbie.org/nhf/intel...rtsentry1.html

  3. #3
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935

    Re: Port Scan Warning Program?

    I tend to stay away from these kind of stuff mostly since it's just a wast of time ( and money ).

    1. How does your program can differientiate what qualified as heavy scan and normal scan??

    2. If you get page for every scan your box get, then you don't need to go home. Just sit by your box 24/7.

    3. If the box is under heavy scan ( like DOSs ), then your system can do no squat about it except a sitting duck and it won't page you ( have no time to get to that paging process ).

    4. You will only get tons of pages only after the box is returned to normal.

    5. What good it's if you know only after your box is come back online anyway??

    The best approch ( IMO ) is to get a network detector for high traffic and alert you for it. gmoreno had suggested a good one.

  4. #4

    Re: Port Scan Warning Program?

    Well besides the fact of Compunuts telling me I was nuts you guys helped me alot. I guess your right though Comp. I was just thinking that I could atleast find out who is scanning me so much. One other question. How do you configure a box to send back bogus info, like instead of it saying the OS and version of Apache have it say some other OS and a diff version of Apache.

  5. #5
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935

    Re: Port Scan Warning Program?

    Well besides the fact of Compunuts telling me I was nuts you guys helped me alot.
    hehehe.... ;D

    I was just thinking that I could atleast find out who is scanning me so much.
    Then use logrotate and have a script send an email every x minutes of time.

    How do you configure a box to send back bogus info, like instead of it saying the OS and version of Apache have it say some other OS and a diff version of Apache.
    I don't know how to spoof that but you can set your Apache to only send minimal info whenever a client request info. But I forgot the exact setting for it ( since I'm not on my server box ATM and can't check ). Look around in the httpd.conf file.

    <edited>
    UBB tag..

Similar Threads

  1. warning during compilation of a C program
    By explorer in forum Linux - Software, Applications & Programming
    Replies: 8
    Last Post: 08-12-2007, 03:14 PM
  2. Scan Port 22
    By shebang in forum Linux - Hardware, Networking & Security
    Replies: 6
    Last Post: 12-05-2004, 10:28 PM
  3. SMTP port not showing up on local scan
    By Blaqb0x in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 07-21-2002, 02:46 PM
  4. shares not viewable on server even with port scan
    By doggiebone in forum Linux - Hardware, Networking & Security
    Replies: 8
    Last Post: 06-25-2002, 10:48 PM
  5. Port Scan
    By Ashcrow in forum General Chat
    Replies: 4
    Last Post: 02-02-2002, 05:42 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •