Security Basics
IDS which denies access after one "false" scanned port Dec 21 2011 12:20PM
Martin T (m4rtntns gmail com) (4 replies)
Re: IDS which denies access after one "false" scanned port Dec 22 2011 01:58PM
Brent Huston (lbhlists gmail com)
Re: IDS which denies access after one "false" scanned port Dec 22 2011 02:41AM
Todd Haverkos (infosec haverkos com)
Re: IDS which denies access after one "false" scanned port Dec 21 2011 04:44PM
Samuel Lavitt (samuel lavitt tectia com)
Re: IDS which denies access after one "false" scanned port Dec 21 2011 04:44PM
Matthew Caron (Matt Caron sixnet com) (1 replies)
Portsentry will do that, IIRC.

On 12/21/2011 07:20 AM, Martin T wrote:
> I found a webserver, which serves webpage on TCP port 80, but in case
> I try to connect to any other TCP port, my IP will be blocked for
> 10min. Example below:
>
> [root@ ~]# ping -qc1 www.<domain>.com
> PING www.<domain>.com (10.10.10.3): 56 data bytes
>
> --- www.<domain>.com ping statistics ---
> 1 packets transmitted, 1 packets received, 0.0% packet loss
> round-trip min/avg/max/stddev = 1.793/1.793/1.793/0.000 ms
> [root@ ~]# telnet www.<domain>.com 80
> Trying 10.10.10.3...
> Connected to www.<domain>.com.
> Escape character is '^]'.
> Connection closed by foreign host.
> [root@ ~]# telnet www.<domain>.com 37219
> Trying 10.10.10.3...
> ^C
> [root@ ~]# telnet www.<domain>.com 80
> Trying 10.10.10.3...
> ^C
> [root@ ~]# ping -qc1 www.<domain>.com
> PING www.<domain>.com (10.10.10.3): 56 data bytes
>
> --- www.<domain>.com ping statistics ---
> 1 packets transmitted, 0 packets received, 100.0% packet loss
> [root@ ~]#
>
>
> Anyone seen such behavior before? Is it somehow possible to
> detect/guess, which IDS this might be? Any other suggestions how to
> find out more information about this IDS and server behind it?
>
>
> regards,
> martin
>
> ------------------------------------------------------------------------

> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------

>
>

--
Matthew Caron
Build Engineer
Sixnet | www.sixnet.com
O +1 518 877 5173 Ext. 138
F +1 518 602 9209
matt.caron (at) sixnet (dot) com [email concealed]

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]
Re: IDS which denies access after one "false" scanned port Dec 21 2011 06:51PM
Orlando Leon (sabalo22 gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus