Re: Port scan from Apache?
Clemens Renner wrote:
> Regarding the advice from several people that the complaining admin
> should provide more details on the alleged "port scan": I will ask him
> to do that the next time he contacts me.
BTW: I've seen this before on a misconfigured TAP/SPAN when the IDS can
only see half of the connection (the receives but not the sends for
example). Since the IDS sees a ton of SYNs without the corresponding
SYN/ACKs it looks like a portscan.
Your web server probably has more connections per second than any other
device on your network...
-Corey Smith
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
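
A triage check for the half-visible TAP/SPAN case described in the message above, as an added example that is not part of the original post: before treating a burst of SYNs without SYN/ACKs as a port scan, confirm the sensor saw any traffic at all from the target. The function name, verdict strings, threshold and packet records are assumptions constructed for illustration (addresses are documentation ranges).

```python
from collections import defaultdict

def assess(packets, min_syns=5):
    """Map each SYN target host to a verdict string.

    packets: iterable of (src, sport, dst, dport, flags); flags is "S", "SA", "RA", ...
    """
    syns = defaultdict(set)       # target host -> connection keys of SYNs seen
    synacks = set()               # connection keys that received a SYN/ACK
    seen_from = defaultdict(int)  # host -> packets the sensor saw with that source
    for src, sport, dst, dport, flags in packets:
        seen_from[src] += 1
        if flags == "S":
            syns[dst].add((src, sport, dst, dport))
        elif flags == "SA":
            synacks.add((dst, dport, src, sport))  # reversed to match the SYN key
    verdicts = {}
    for target, keys in syns.items():
        no_synack = len(keys - synacks)
        if no_synack < min_syns:
            verdicts[target] = "normal"
        elif seen_from.get(target, 0) == 0:
            # Not one packet from the target reached the sensor, so the missing
            # SYN/ACKs are not evidence of a scan: check the TAP/SPAN first.
            # (A host that silently drops everything looks the same from here.)
            verdicts[target] = "one-sided-capture"
        else:
            verdicts[target] = "possible-scan"
    return verdicts

# Constructed sample traffic: a busy web server and its clients.
WEB = "192.0.2.10"
CLIENT_SYNS = [(f"203.0.113.{i}", 40000 + i, WEB, 80, "S") for i in range(1, 9)]
SERVER_SYNACKS = [(d, dp, s, sp, "SA") for s, sp, d, dp, _ in CLIENT_SYNS]
HALF_TAP = CLIENT_SYNS                   # sensor sees receives only
FULL_TAP = CLIENT_SYNS + SERVER_SYNACKS  # sensor sees both directions
# Constructed contrast case: one source, many ports, target answers with RSTs.
SCAN = ([("203.0.113.50", 50000 + p, "198.51.100.7", p, "S") for p in range(20, 30)]
        + [("198.51.100.7", p, "203.0.113.50", 50000 + p, "RA") for p in range(20, 30)])

if __name__ == "__main__":
    for name, cap in (("half", HALF_TAP), ("full", FULL_TAP), ("scan", SCAN)):
        print(name, assess(cap))
```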