From owner-freebsd-questions  Sat Aug  8 16:35:07 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA08076
          for freebsd-questions-outgoing; Sat, 8 Aug 1998 16:35:07 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from shell6.ba.best.com (shell6.ba.best.com [206.184.139.137])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA08067
          for <freebsd-questions@FreeBSD.ORG>; Sat, 8 Aug 1998 16:35:05 -0700 (PDT)
          (envelope-from jkb@best.com)
Received: from localhost (jkb@localhost)
	by shell6.ba.best.com (8.9.0/8.9.0/best.sh) with SMTP id QAA04994;
	Sat, 8 Aug 1998 16:34:43 -0700 (PDT)
X-Authentication-Warning: shell6.ba.best.com: jkb owned process doing -bs
Date: Sat, 8 Aug 1998 16:34:43 -0700 (PDT)
From: "Jan B. Koum " <jkb@best.com>
X-Sender: jkb@shell6.ba.best.com
To: kevin <freebsd@vmuniz.ml.org>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: block port scan
In-Reply-To: <Pine.BSF.4.01.9808090022001.428-100000@vmuniz.ml.org>
Message-ID: <Pine.BSF.3.96.980808163403.3100E-100000@shell6.ba.best.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


	ipfw add deny all from any to any
	That should block ALL packets - are you sure you don't have any
rules before that or a second ethernet card which would respond to
packets?

-- Yan

Jan Koum www.best.com/~jkb jkb@best.com |  "Turn up the lights; I don't want
www.FreeBSD.org  --  The Power to Serve |   to go home in the dark."
"Write longer sentences - they are paying us a lot of money"

On Sun, 9 Aug 1998, kevin wrote:

>Hi guys,
>
>I tried to block port scan attacks from outside network by using ipfw
>but seem doesnt work, even when i applied this rule ( ipfw add deny all
>from any to any). Cant think of other better method to block port scan
>attacks except ipfw. The portscan client i used to try on my box is 'nmap' 
>(http://www.dhp.com/~fyodor/nmap/). 
>
>Any suggestion will be appreciated.
>
>Thanks
>kevin
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message