Michael,
On Mon, 25 Nov 2002 10:17:49 -0800, Michael Bacon <[EMAIL PROTECTED]>
wrote:
[...]
> The otherday it blocked someone attempting to access port 1080 (not
> used), then port 25(redirect to our mail server). He came back the
> next day and tried port 25 again, but he was still blocked by
I get hundreds of port scans per day and I'm sure most of them have spoofed
the src address. Know your firewall and trust it, that's all you can do.
If you insist, just run tcpdump which sees the packets prior to netfilter
and filter the output thru grep looking for ip's or ports.
Michael
Michael,
On Mon, 25 Nov 2002 10:17:49 PST Michael Bacon wrote:
> I'm using port sentry on my LRP box. The otherday it blocked someone
> attempting to access port 1080 (not used), then port 25(redirect to our mail
> server). He came back the next day and tried port 25 again, but he was
> still
where can the port sentry .lrp be obtained?
TIA,
matt
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Michael Bacon
Sent: Monday, November 25, 2002 11:18 AM
To: [EMAIL PROTECTED]
Subject: [leaf-user] tcpdump of blocked packets?
I'm using port sentry o
l Bacon; [EMAIL PROTECTED]
Subject: RE: [leaf-user] tcpdump of blocked packets?
where can the port sentry .lrp be obtained?
TIA,
matt
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Michael Bacon
Sent: Monday, November 25, 2002 11:18 AM
To: [EMAIL PRO
so i'm a little slow. =)
thanks,
matt
-Original Message-
From: Michael Bacon [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 26, 2002 12:30 PM
To: Matt Russell; [EMAIL PROTECTED]
Subject: RE: [leaf-user] tcpdump of blocked packets?
Here's one source:
http://leaf.sourc