[ale] Unusual scans
Jonathan Rickman
jonathan at xcorps.net
Fri Aug 22 11:34:19 EDT 2003
On Friday 22 August 2003 10:44, Jason Day wrote:
> I'm using portsentry and ipchains. Sorry, no packet capture. Here's a
> sample log entry:
The best way to figure out what's going on here would be to fire up netcat
listening on TCP:1 and redirecting output to a file. This will give you a
hex dump of the traffic and allow you to determine what it really is. You'd
probably need to turn off portsentry to do this.
--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list