Detecting port scanning even if pot is not open

Overlord

Im trying to get udp thru a firewall and need to setup the outside pc to accept udp packets on all ports to try and find out if the firewall will let any UDP packets thru at all ( doesnt seem like it)

Is there anyway to detect if ppl are trying to connect to a port using udp If that port is not open ?
Or a way of opening all ports to accept incoming udp packets easily?
Thanks

phaxx

Other than writing an app to open lots of ports and print a message when it recieves anything, you could do it with a firewall on the inside machine - tell it to log any udp packets it comes across.

What os is the inside machine?

moist

You could use comthing like Portsentry (*NIX only I believe) which will listen on any TCP/UDP port that does not already
have somthing listening on it.
That will show you if there are any connections being made to the machine.
On the other hand you could use somthing like tcpdump (on the target machine) to see if there
are any packets reaching the machine.

joev

Originally posted by moist
You could use comthing like Portsentry (*NIX only I believe) which will listen on any TCP/UDP port that does not already
have somthing listening on it.
That will show you if there are any connections being made to the machine.
On the other hand you could use somthing like tcpdump (on the target machine) to see if there
are any packets reaching the machine.

Any ethernet/ip traffic monitor wouldalso do...
for *NIX you've got iptraf, emonitor etc.. Can't remember the win32 ones at present...

Probably the best tool to use is the swiss army knife of network tools.. netcat.

check out http://www.atstake.com/research/tools/
for details.

joev.