Thom,
> As a relative newcomer to the security field, but with a reasonable amount
> of experience in sys admin roles, I am now responsible for the network
> security of the (small) company I work for. One of the things I would like
> to do is determine if (when) our web server, which hosts our applications,
> is being port scanned. How do I go about this? Are there (free or cheap)
> tools that will help you do this? We run both Solaris and W2K Server boxes,
> and I would like to check both.
*Snort* has been mentioned many times in this thread; if you're time-pressed
and want to see it, google it for smoothwall. Runs on an old PC, has snort
built in and so forth. (freeware, and payware versions) You can have a 2-NIC
smoothie up in about 20 minutes.
cheers,
/b
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
