[Cialug] port scanning
Dan Hockey
icepuck2k at mchsi.com
Tue Mar 6 19:53:50 CST 2007
-----Original Message-----
From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On Behalf
Of dave
Sent: Monday, March 05, 2007 11:56 PM
To: Central Iowa Linux Users Group
Subject: Re: [Cialug] port scanning
There are a number of ways.
First of all... it's entirely possible that the port scan / attack is
stopping at your router, and not getting through to your internal
network, so any network scanning utilities aren't going so see anything.
Turning on port forwarding should take care of that, if not I'll plug
directly into the cable modem
But... to watch what's going on, there are a number of options.
In X in Mandriva, if you right click on the Network icon in your system
tray (lower right), and choose "Interactive Firewall" you can watch any
traffic hitting your PC.
You can also run various packet sniffers. For the gui, there's ettercap,
etherape (more of a pretty display than sniffer) and others.
For the CLI, there's iptraf (one of my fav's), or good old tcpdump.
More advanced tools like Snort or Acid might be more than what you're
looking for...
If you go into your gui software management thingy, and look at the
category Network->other, there are tons of utilities there.
-dc
I'll give some of gui ones a try first
-dh
Dan Hockey wrote:
> On Mandriva 2k7 power pack, is there a way to watch who is
> scanning/probing my ip? There times when my router locks up and I have
> to reset everything.
> -dh
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list