Appropriate defense against port scan?
Hello, I am in need to check whether or not someone is doing a port scan of the ports of my work desktop pc (static IP, I am not one of the network admin, and we seem not to have a firewall or any kind of defense...).
What I need is just to check the requests and log them (and understand if there's a port scan going on or not).
A friend talked about snort, and I started to check a couple of related threads in here, but I am not totally sure if I am doing something disproportionate or not.
I mean, is some sort of "standard firewall" enough for my purpose (identify a portscan and identify the IP scanning me)?
Also, I kind of have a time problem, as I have to be able to register potential port scans asap, since I have reason to fear that something is going to happen in the very near future). This is why I would really like something basic and with almost no config to do, so that I can take my time studying how to do stuff properly without having to be worried to much.
EDIT: actually, I trust my friend but the more I read the more it seems like I don't need a NIDS tool...
Last edited by Dirich; November 13th, 2012 at 04:37 PM.