[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Port Scanning
Fairly easy to tell you are being port scanned from the log viewer. You will see a series of blocked connections from the same IP address. You will see something like this: Source: <External IP> Destignation <Your Firewall> Then about 1020 dropped or rejected packets if you have created your policy well. The best thing to do is to disable ICMP requests, most port scanners will "ping" the box to determine if its up / not protected. If a reply isn't returned usually the "hacker" will figure that this box is either non existant or protected inwhich case it isn't worth their time. There is the no ping command for most port scanners but again what these people are looking for is unprotected boxes with documented security flaws. I suggest downloading Nmap and a free scanning device such as nessus and scannign your system and seeing how it reacts. It is the easest way to see what happens when your scanned, and whether you are protected or not. -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of STL Sent: June 13, 2001 12:07 AM To: [email protected] Subject: [FW1] Port Scanning Hi all, Can fw-1 detect port scanning? How can we know that we are actually port scanned from the Log Viewer? How to prevent port scanning? Thanks & Regards ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|