Date: Sun, 6 Jun 2004 08:01:56 +0200 From: Zoran Kolic <kolicz@eunet.yu> To: freebsd-stable@freebsd.org Subject: Re: Port scan blocking with ipfw Message-ID: <20040606060156.GA717@kolic.net> In-Reply-To: <20040605190105.DEA2816A509@hub.freebsd.org> References: <20040605190105.DEA2816A509@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Is it ipfw2?
As an active respond some
folks recommend "portsentry".
It adds No 1 rule like:
deny all from intruder to any in
Is it what you like?
"Deny" base rule would be
nice if you don't allow icmp
packets. For server you have
to allow incomming traffic.
For home comp, allow only
what you really need. The best
way to avoid scan? Disconnect
from internet ;-)
ZK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040606060156.GA717>