Although not primarily developed for port scanning, tcpdump can provide some
useful insight of your network's traffic. It requires surfing through logs
and keeping an eye on it, but on the whole (combined with arp poisoning if
on a switched network) it is a quite informative since it operates on a low
level ( the host-to-host layer of the tcp/ip stack). Hope this helps.
o himicos tis geitonias sas (your neighborhood's friendly chemist)
----- Original Message -----
From: paras <paras@bajranet.com.np>
To: <security-discuss@linuxsecurity.com>
Sent: Monday, December 30, 2002 12:31 PM
Subject: scanning
> hi all
>
> what is the best tool to use to monitor my network and my servers for
> intruders and hackers?. if some one scans my network i want the action to
be
> notice in my mail or something like that.
> i have heard of snort. beside this which is better tool?
>
>
> Thanks
> Paras.
>
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
>
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
