?
Solved

IPS Logs NMap Scans

Posted on 2016-07-14
1
Medium Priority
?
120 Views
Last Modified: 2016-07-18
Hi Everyone,

Where do I got to see if some one has scanned my system - I was watching an Nmap tutorial on pentesting for my own site and the chap mentioned checking your IPS logs to see who'd scanned the system. Any thoughts?

J
0
Comment
Question by:Ridgejp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 2000 total points
ID: 41711799
With a proper IDS in place (Snort or BRO for example) you could pick up on these scans. (mind you, don't install these systems on your web server, they should be on a separate box).

If nothing like an IDS is available, the only way you could see if your server is being scanned is to check logs, but it's not really going to show you if nmap specifically was being used. You'll just see connection attempts without requesting a web page for example.

If you would happen to find an ip-address trying different services on your system it could indicate a port-scan for example.

If you're looking into securing your web app you could look into ModSecurity, which is a great open-source tool to secure your web app. (not affiliated)
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
A look at what happened in the Verizon cloud breach.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question