Security Basics mailing list archives
Re: TCP/IP Port Security
From: Kurt <kryptology () gmail com>
Date: Wed, 19 Oct 2005 00:17:45 -0400
Shot in the dark, but you could try using snort to profile your existing network traffic and catalogue it in a smarter way than just reviewing ethereal output, but maybe you could whip up a smart way to do it that would work for you. Lots of cool projects out there that might help like http://www.snort.org/dl/contrib/patches/snort-perl/ or http://www.chaotic.org/guardian/ It is probably much easier to list just the ports/protocols/signatures you allow on the network, and then ban everything else. No need to worry about the dynamic nature of X11 if you don't have it on your network. Good luck!
-----Original Message----- From: rchdynasty () msn com [mailto:rchdynasty () msn com] Sent: Tuesday, October 18, 2005 10:20 AM To: security-basics () securityfocus com Subject: TCP/IP Port Security My company is currently looking to develop a port registry and cataloging process. All TCP ports will be required to be cataloged (Dynamic or Private/Registered/Well Known). All platforms will be addressed since we use various platforms. My question is what would be the most effect way to develop this process. I'm also looking for websites for reference.
Current thread:
- TCP/IP Port Security rchdynasty (Oct 18)
- Re: TCP/IP Port Security Jay Taylor (Oct 18)
- RE: TCP/IP Port Security Burton Strauss (Oct 18)
- Re: TCP/IP Port Security Kurt (Oct 21)
- Re: TCP/IP Port Security ilaiy (Oct 18)
- Re: TCP/IP Port Security Alloishus BeauMains (Oct 18)