Logging unserved ports

David F. Newman (buzzwang@agamemnon.ourvillage.com)
Tue, 8 Dec 1998 11:50:32 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Petko Manolov: "Unlimited number of processes, x86, 2.1.131"
Previous message: Serguei Koubouchine: "2.1.131-ac5 - I2O is great to have but does not build..."

Hi,
The TIS gauntlet firewall modifies the BSDi kernel
so that when packets are received on unserved ports the
kernel logs a security alert via syslog. That way you
don't have to be actively scanning the network for port
scans and can just scan your syslog instead. I looked
through the Linux security HOWTO and couldn't find any
mention of this. Is this possible with the Linux kernel?

---------------------------+
David F. Newman |
buzzwang@ourvillage.com |

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Petko Manolov: "Unlimited number of processes, x86, 2.1.131"
Previous message: Serguei Koubouchine: "2.1.131-ac5 - I2O is great to have but does not build..."