Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Port scan detection with pf

From: Holger Burde <HBurde(at)t-online.de>
Date: Sat Nov 30 2002 - 12:45:35 EST

Hi;

I found that iptables has (via patch-o-matic) a option to build a Portscan detection Module (psd) which blocks scanning hosts (nmap etc.) for some time and efficiently makes auto-scanning sort of impossible. Is this also possible with OpenBSD pf or is it planed to add this feature ? (from man faq google etc. it seems not) PS The Watchguard Firewalls also have such a feature which is turned on by default.

PS2 I want this on a firewall so using some IDS does not work since the packets are dropped before the

IDS would see them ...

hb Received on Sat Nov 30 12:45:59 2002

This message: [ Message body ]
Next message: Ryan McBride: "Re: Port scan detection with pf"
Previous message: Marc Balmer: "Re: Stresstest of Openbsd server"
Next in thread: Ryan McBride: "Re: Port scan detection with pf"
Reply: Ryan McBride: "Re: Port scan detection with pf"
Reply: Gordon Grieder: "Re: Port scan detection with pf"
Reply: Theo de Raadt: "Re: Port scan detection with pf"
Reply: Mike Frantzen: "Re: Port scan detection with pf"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:31:48 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library