[Cialug] port scanning

Dan Hockey icepuck2k at mchsi.com
Tue Mar 6 19:53:50 CST 2007



-----Original Message-----
From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On Behalf
Of dave
Sent: Monday, March 05, 2007 11:56 PM
To: Central Iowa Linux Users Group
Subject: Re: [Cialug] port scanning

There are a number of ways.

First of all... it's entirely possible that the port scan / attack is 
stopping at your router, and not getting through to your internal 
network, so any network scanning utilities aren't going so see anything.

Turning on port forwarding should take care of that, if not I'll plug
directly into the cable modem

But... to watch what's going on, there are a number of options.

In X in Mandriva, if you right click on the Network icon in your system 
tray (lower right), and choose "Interactive Firewall" you can watch any 
traffic hitting your PC.

You can also run various packet sniffers. For the gui, there's ettercap, 
etherape (more of a pretty display than sniffer) and others.

For the CLI, there's iptraf (one of my fav's), or good old tcpdump.

More advanced tools like Snort or Acid might be more than what you're 
looking for...

If you go into your gui software management thingy, and look at the 
category Network->other, there are tons of utilities there.

-dc


I'll give some of gui ones a try first
-dh

Dan Hockey wrote:
> On Mandriva 2k7 power pack, is there a way to watch who is 
> scanning/probing my ip? There times when my router locks up and I have 
> to reset everything.
> -dh
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>

_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug



More information about the Cialug mailing list