[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Summary and possible solution for merging protocols
From: FERDINAND GASSAUER <f.gassauer () aon ! at>
Date: 1999-12-04 11:57:30
[Download RAW message or body]
Roberto, which program do you use to trigger the alarm ?
cu
ferdinand
Am Fre, 03 Dez 1999 schrieb Roberto Alsina:
> On Fri, 3 Dec 1999, Lars Kneschke wrote:
>
> > Nicolas Brodu wrote:
> > > Can scan the ports of target host to found supported protocols, and then call
> > > the corresponding ioslaves. Conflicts can be handled by prefix depending
> > > on the protocol (see knetmon/netknife) and/or setting up a user prefered
> > > order.
> > Maybe you can also capture the network-traffic. So you know which hosts
> > are active and wich services they offer. This could be a solution for a
> > big network, because there will be enough traffic to analyze and it
> > creates no traffic. For a little network it is maybe better to scan the
> > network.
>
> a) If you scan one of my servers to see which ports are open, you will
> trigger an alarm, and probably will get put in hosts.deny very quickly.
>
> b) If you set yourself in promiscuous mode (which you need to capture the
> network traffic not addressed to you) you
>
> b.1) Need to be root
> b.2) Will trigger another alarm
>
> Both things are usually considered as "unusual" activities, indicative of
> attempts at cracking.
>
> I'd really hate it if they were suddenly performed routinely for normal
> tasks, since it would make detection of real cracking attempts a whole lot
> harder.
>
> ("\''/").__..-''"`-. . Roberto Alsina
> `9_ 9 ) `-. ( ).`-._.`) ralsina@unl.edu.ar
> (_Y_.)' ._ ) `._`. " -.-' Centro de Telematica
> _..`-'_..-_/ /-'_.' Universidad Nacional del Litoral
> (l)-'' ((i).' ((!.' Santa Fe - Argentina
> KDE Developer (MFCH)
> Not mad, but bound more than a madman is (Romeo and Juliet, Act I Scene II)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic