[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

IPS Logs NMap Scans

Posted on 2016-07-14
1
Medium Priority
?
134 Views
Last Modified: 2016-07-18
Hi Everyone,

Where do I got to see if some one has scanned my system - I was watching an Nmap tutorial on pentesting for my own site and the chap mentioned checking your IPS logs to see who'd scanned the system. Any thoughts?

J
0
Comment
Question by:Ridgejp
1 Comment
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 2000 total points
ID: 41711799
With a proper IDS in place (Snort or BRO for example) you could pick up on these scans. (mind you, don't install these systems on your web server, they should be on a separate box).

If nothing like an IDS is available, the only way you could see if your server is being scanned is to check logs, but it's not really going to show you if nmap specifically was being used. You'll just see connection attempts without requesting a web page for example.

If you would happen to find an ip-address trying different services on your system it could indicate a port-scan for example.

If you're looking into securing your web app you could look into ModSecurity, which is a great open-source tool to secure your web app. (not affiliated)
0

Featured Post

Shaping tomorrow’s technology leaders, today

The leading technology companies all recognize the growing need for gender diversity. Through its Women in IT scholarship program, WGU is working to reverse this trend by empowering more women to earn IT degrees and become tomorrow’s tech-industry leaders.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question