Security Incidents mailing list archives
Re: How to read port scans
From: renato () LINUX REDEBRASIL ORG BR (Renato Murilo Langona)
Date: Thu, 8 Jun 2000 16:52:29 -0300
Hi, Phil Curran wrote:
I am new to auditing/reading port scanning documents. Are there any documents/books/urls that would be able to help me in understanding what I am reading/trying to analyze? Any help is greatly appreciated. Phil Curran phil_curran () campbellsoup com
I have links for good ones I've read (most linux): "Interpreting Network Traffic: A Network Intrusion Detector's Look at Suspicious Events by Richard Bejtlich bejtlich () altavista net" http://www.linuxsecurity.com.br/info/IDS/interpret.ids.txt "FAQ: Network Intrusion Detection Systems" http://www.linuxsecurity.com.br/info/IDS/network-intrusion-detection.htm "Focus On Linux: Intrusion Detection on Linux" (SecurityFocus) http://www.linuxsecurity.com.br/info/IDS/linux-focus.ids.html I think I don't have to mention the great Lance Spitzner Publications, but: http://www.enteract.com/~lspitz/pubs.html (read em' all) Have a good readin', Best regards, -- [Renato Murilo Langona] Network/System Administrator/Consultant Site: http://www.linuxsecurity.com.br/renato Contact mail: renato () unix barroco com br Contact Phone: (+5511) 9115 0606 (BR/SP) http://pgp5.ai.mit.edu:11371/pks/lookup?op=get&search=0x4DBD311A
Current thread:
- How to read port scans Phil Curran (Jun 08)
- Re: How to read port scans Jose Nazario (Jun 08)
- hacked @home **update** Nick Morgowicz (Jun 08)
- Re: How to read port scans Renato Murilo Langona (Jun 08)
- Re: How to read port scans spaceork (Jun 08)
- <Possible follow-ups>
- Re: How to read port scans Bryan Scaringe (Jun 08)
- Re: How to read port scans Mark Kovach (Jun 08)