Date: Sun, 25 Mar 2001 04:32:22 -0800 (PST)
From: jessem@livecam.com
To: domas.mituzas@delfi.lt
Cc: security@FreeBSD.ORG
Subject: Re: Fwd: A Simple TCP Port Alarm
Message-ID: <200103251232.EAA50037@dnull.com>
In-Reply-To: <Pine.BSF.4.21.0103251119240.49827-100000@axis.tdd.lt>

On 25 Mar, Domas Mituzas wrote:
> Hi,
>> I've written a simple TCP port alarm in Perl.
>> The default configuration spoofs the daytime service on port 13.
>> It logs all connections, then emails to the configured recipient.
>> You can check it out at:
>
> How is it connected with security? :-) Actually tcpwrappers
> (hosts.allow) support various actions on denied or accepted connections,
> like sending email message or a bomb to the blackhat. There are a lot of
> other tools like portsentry, that happen to be rather successful.
>

Yes, that is correct. There are many programs out there. They are all
complicated and time consuming to use. If you are familiar with Perl,
then you might find this program interesting. Anyone faint of heart but
interested in security would do well to pay money for something. This
tool is strictly for hacker types.

As for the security aspect, this program is intended as an early
detection system. It is not complete. It was not intended to be so.

> And connections to daytime service are often very hazardous. Time is
> very valuable information, so we'd log all connections, that are trying to
> obtain it from us, cause a simple leak will make whole network open to bad
> guys.
>

I'm not sure what your point is. The daytime service on port 13 is
intended for diagnostics. Follow the link to the program, RTFM. The RFC
plainly says, daytime is diagnostic. Your comments don't make any sense
to me. Perhaps, because it is 4:30am (local time). Perhaps you could
reword them and try again. :-)

> No offence, congrats dear Linux coder, you've written your first public
> software :) (How long are you going to support it?)
>

This is far from a *nix hack. And this is not my first public code. You
can find programs with my name going back to 1996. I'm not going to
support this. It is not going to do anything else. If someone finds a bug
in it, it is only 120 lines of code and I hardly think anyone mucking
with this program will have a hard time fixing it.

Best Regards,
Jessem.
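
An added example, not Jessem's Perl program or any code from this thread: a Python listener of the kind discussed above that answers like the daytime service, logs each connection and hands an alert mail to a notifier. The recipient address, the function names and the MTA on localhost port 25 are assumptions.

```python
import logging
import socket
import time
from email.message import EmailMessage

ALARM_PORT = 13                    # daytime (RFC 867); binding below 1024 needs privilege
RECIPIENT = "admin@example.org"    # placeholder address (assumption)

def daytime_line(now=None):
    """One ASCII line in the style of the RFC 867 example, in UTC."""
    return time.strftime("%A, %B %d, %Y %H:%M:%S-UTC", time.gmtime(now)) + "\r\n"

def build_alert(peer, port, now=None):
    """Build the notification mail for one connection."""
    msg = EmailMessage()
    msg["From"] = "portalarm@localhost"
    msg["To"] = RECIPIENT
    msg["Subject"] = f"port alarm: {peer[0]} connected to tcp/{port}"
    stamp = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(now))
    msg.set_content(f"{stamp} connection from {peer[0]}:{peer[1]} to port {port}\n")
    return msg

def handle(conn, peer, notify, port=ALARM_PORT, now=None):
    """Answer like daytime, log the peer, then hand the alert to notify()."""
    try:
        conn.sendall(daytime_line(now).encode("ascii"))
    except OSError:
        pass                       # peer already hung up; the alert is still raised
    finally:
        conn.close()
    logging.warning("connection from %s:%s to tcp/%s", peer[0], peer[1], port)
    alert = build_alert(peer, port, now)
    notify(alert)
    return alert

def serve(notify, host="0.0.0.0", port=ALARM_PORT):
    """Accept loop: one daytime answer and one alert per connection."""
    with socket.create_server((host, port)) as srv:
        while True:
            conn, peer = srv.accept()
            conn.settimeout(5)     # do not let a stalled peer block the loop
            handle(conn, peer, notify, port)

if __name__ == "__main__":
    import smtplib
    def send(msg):                 # assumes an MTA listening on localhost:25
        with smtplib.SMTP("localhost") as s:
            s.send_message(msg)
    logging.basicConfig(format="%(asctime)s %(message)s")
    serve(send)
```

A port scan produces one mail per connection, so the notifier should be rate-limited before this runs on an exposed host.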