Re: Port Scanning
I think you could design a perl script or some kind of script for that if a
icmp/udp/tcp is being done to your system at x amount of time you could use
ipfwadm to block it. ipfwadm is a very powerful tool. I used to be port
scanned daily and icmp attack, use ipfwadm to block it.
>
>
> > > Is there anything out there to stop people from port scanning my system ?
> > > I had someone last night scan my system from port 1 to 50,000 !
> >
> > Firewalling or tcp_wrappers configured the right way.
>
> tcp-wrappers will not stop you from being scanned. even if the port is
> wrapped it will still show up as an open port to a scan. you also can't
> wrap udp services.
>
> if you are paranoid enough that this is an issue i suggest you break out
> a firewall book and ipfwadm and decide who exactly you want to be able to
> talk to what on your box.
>
> > There is nmap in hamm that does the port scanning.
>
> there is also strobe that comes with the netdiag package... it's very
> good.
>
> adam.
>
> ------------------------ Internet Alaska -------------------------
> 4050 Lake Otis Adam Shand (v) +1 907 562 4638
> Anchorage, Alaska Systems Administrator (f) +1 907 562 1677
> ----------------- http://larry.earthlight.co.nz ------------------
>
>
>
> --
> TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
> debian-user-request@lists.debian.org .
> Trouble? e-mail to templin@bucknell.edu .
>
>
--
_ ,/| Chi Wong
'\O.O' "Life is a shitload of TESTS !"
=(_ _)= cw005e@uhura.cc.rochester.edu
|U| chi@gatekeeper.cif.rochester.edu
/ | phreak@cif.rochester.edu
//| \ http://www.cif.rochester.edu/~phreak/main.html
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: