Date: Sat, 8 Aug 1998 16:34:43 -0700 (PDT) From: "Jan B. Koum " <jkb@best.com> To: kevin <freebsd@vmuniz.ml.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: block port scan Message-ID: <Pine.BSF.3.96.980808163403.3100E-100000@shell6.ba.best.com> In-Reply-To: <Pine.BSF.4.01.9808090022001.428-100000@vmuniz.ml.org>
next in thread | previous in thread | raw e-mail | index | archive | help
ipfw add deny all from any to any That should block ALL packets - are you sure you don't have any rules before that or a second ethernet card which would respond to packets? -- Yan Jan Koum www.best.com/~jkb jkb@best.com | "Turn up the lights; I don't want www.FreeBSD.org -- The Power to Serve | to go home in the dark." "Write longer sentences - they are paying us a lot of money" On Sun, 9 Aug 1998, kevin wrote: >Hi guys, > >I tried to block port scan attacks from outside network by using ipfw >but seem doesnt work, even when i applied this rule ( ipfw add deny all >from any to any). Cant think of other better method to block port scan >attacks except ipfw. The portscan client i used to try on my box is 'nmap' >(http://www.dhp.com/~fyodor/nmap/). > >Any suggestion will be appreciated. > >Thanks >kevin > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980808163403.3100E-100000>