port scanning detection

Jeff Jirsa jeff at unixconsults.com
Sun May 4 22:08:09 PDT 2003

On Sun, 4 May 2003, admin wrote:

> Hey,
> Is there a good Program out there that can assist me with identifying when I
> am getting portscanned and possible origination?

If you're running a firewall, set the firewall to log connection attempts
to ports not in use.

If you're not running a firewall, run the command:

sysctl net.inet.tcp.log_in_vain=1

When you're port scanned, you'll see the connection attempts in `dmesg -a`
and on the console.

- Jeff

More information about the freebsd-questions mailing list