RE: [Sheflug] Security : Port scanning

[Neil R Porter <n.r.porter [at] xxxxxxxxxxxxxx>]

Hi

I run a hosting company (well, sole trader, but you know what I mean). 
Just wanted to add my two penneth.

Of course, it's a constant battle.  Keeping up to date with the latest
patches and versions, masking what you actually run to make it harder
for those teenagers sitting there with their l33t friends running some
automatic software they don't really understand.  Because, let's face
it, that accounts for a lot of the port scanning that goes on.

Then there's our armoury.  IPTables, woah, beautiful.  Only allowing
ports that you actually run services on, dropping everything else.  I
could go on.  Bottom line is though, I get scanned a GREAT deal.  I
would have to employ a lacky to report this on a full time basis if I
was ever going to attempt to do this.  Just make sure you stay ahead of
the root kits or it's all over baby.  Oh and of course, the #1 tip is
make sure you run a proper server and not MS, and you might survive -
preaching to the converted though here :)

I would send a small snippet of my logs, but I fear it would make this
list creak under the weight.  Just ignore it.

All the best

Neil
-- 
Neil R Porter <n.r.porter [at] btinternet.com>

___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.