|
Posted by S. Pidgorny on November 29, 2007, 1:22 am
If you were Registered and logged in, you could reply and use other advanced thread options
By looking up the VPN logs? If you use NAT, that might be complicated. You
may wish to install NIDS to detect traffic like this before you receive
complaints, and before it's NATed.
By the way - prt scan in most cases doesn't really constitute DoS.
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
> Hi ,
>
> I got the complaint that our VPN device to do a port scan on the another
> public IP
> such as
> DoS portscan VPN device public IP,4500 -> internet user's public,
> 60189-46231 PR udp len 20680
> Hoe do I find out which user logged into VPN to generate portscan traffic?
>
> Thank you.
>
| 
XML site map