Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Re: Port scan detection with pf

From: Theo de Raadt <deraadt(at)cvs.openbsd.org>
Date: Sat Nov 30 2002 - 13:17:10 EST

Fundamentally, you do not want to do that.

Please tell me what host it is that you are protecting, and I'll show you why, by spoofing a very small stream of packets from your favorite hosts.

> I found that iptables has (via patch-o-matic) a option to build a Portscan detection Module (psd) which blocks scanning hosts (nmap etc.) for some time and efficiently makes auto-scanning sort of impossible.
Received on Sat Nov 30 13:19:03 2002

This message: [ Message body ]
Next message: Jason Dixon: "Re: struggling with 3.2"
Previous message: Artur Grabowski: "Re: Stresstest of Openbsd server"
In reply to Holger Burde: "Port scan detection with pf"
Next in thread: Mike Frantzen: "Re: Port scan detection with pf"
Reply: Mike Frantzen: "Re: Port scan detection with pf"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:31:48 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library