Re: lug-bg: Fw: portsentry TCP SYN
- Subject: Re: lug-bg: Fw: portsentry TCP SYN
- From: teodor@xxxxxxxxxxxxxxx (Teodor Georgiev)
- Date: Mon, 11 Feb 2002 09:44:34 +0100
v portsentry-to ima edna opcia, t.nar. "Scan trigger".
V neia ukazvash pri kolko opita za otvariane na port v maluk interval ot
vreme da se schita za scan (ei che
hubavo go obiasnih).
A to po default e 1, no ne biva da e 1. Slozhi go da rechem na 4.
----- Original Message -----
From: "Bozhan Bozhkov" <bozho@xxxxxxxxxxx>
To: <lug-bg@xxxxxxxxxxxxxxxxxx>
Sent: Friday, February 08, 2002 5:50 PM
Subject: lug-bg: Fw: portsentry TCP SYN
>
> ----- Original Message -----
> From: "Bozhan Bozhkov" <bozho@xxxxxxxxxxx>
> To: <lug-bg@xxxxxxxxxxxxxxxxxx>
> Sent: Friday, February 08, 2002 3:38 PM
> Subject: portsentry TCP SYN
>
>
> Çäðàâåéòå
> Íàñêîðî èíñòàëèðàõ portsentry è çàïî÷íàõà åäíè òàêèâà ëîãîâå:
>
> Jan 22 17:07:01 pegassus portsentry[21607]: attackalert: TCP SYN/Normal
> scan
> from host: egas34...... to TCP port: 445
>
> îò 2 ìàøèíè - åäíàòà ñ XP äðóãàòà ñ Âèí 2000
>
> èìàìå õèïîòåçà - âèäîçà ñå ìú÷è äà ñå ñâúðæå ñ äîìåèí êîíòðîëåð è ïðàùà
SYN
> íåïðåêúñíàòî, çà îïðåäåëåí ïåðèîä îò âðåìå, ïîíåæå íå ïîëó÷àâà îòãîâîð.
>
> Äàëè å òîâà èëè:
> à) íåùî ëàçè ïî ñúîòâåòíèòå ìàøèíè
> á) ñúâñåì äðóãà ïðè÷èíà
>
> è àêî å âÿðíà íàøàòà õèïîòåçà - êàê ñå îáÿñíÿâà íà òèÿ 2000/ÕÐ äà íå
ïðàâÿò
> òàêèâà ðàáîòè.
> (ãîëÿìà åìîöèÿ áåøå ïðåäè âðåìå, äîêàòî ðàçáåðà îò êúäå ñå êàçâà íà 2000
äà
> íå ñå ìú÷è äà ñå ðåãèñòðèðà ñàì â DNS-a )
>
> Ïîçäðàâè
> Áîæî.
>
>
>
===========================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara
Zagora
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
|