Home page logo
/

basics logo Security Basics mailing list archives

Re: TCP/IP Port Security
From: Kurt <kryptology () gmail com>
Date: Wed, 19 Oct 2005 00:17:45 -0400

Shot in the dark, but you could try using snort to profile your
existing network traffic and catalogue it in a smarter way than just
reviewing ethereal output, but maybe you could whip up a smart way to
do it that would work for you.  Lots of cool projects out there that
might help like http://www.snort.org/dl/contrib/patches/snort-perl/ or
http://www.chaotic.org/guardian/

It is probably much easier to list just the ports/protocols/signatures
you allow on the network, and then ban everything else. No need to
worry about the dynamic nature of X11 if you don't have it on your
network.

Good luck!



-----Original Message-----
From: rchdynasty () msn com [mailto:rchdynasty () msn com]
Sent: Tuesday, October 18, 2005 10:20 AM
To: security-basics () securityfocus com
Subject: TCP/IP Port Security

My company is currently looking to develop a port registry and cataloging
process. All TCP ports will be required to be cataloged (Dynamic or
Private/Registered/Well Known). All platforms will be addressed since we use
various platforms.
My question is what would be the most effect way to develop this process.
I'm also looking for websites for reference.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault