Home page logo

basics logo Security Basics mailing list archives

Re: under attack
From: Fernando Gont <fernando () gont com ar>
Date: Tue, 16 Mar 2004 22:26:33 -0300

At 01:35 16/03/2004 +0800, Jorge Garcia wrote:

now i filter the port with iptables but i want to do more.
how can i close the port??

Don't run any server on that port, and it'll be closed.

how can i get info about who did this and which program or prosses is using this port?

Use lsof

how can i get any inpho about the attacker??

Provided your system logs have not been compromised, have a look at them.

Fernando Gont
e-mail: fernando () gont com ar || fgont () acm org

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]