Date: Sun, 6 Jun 2004 08:01:56 +0200 From: Zoran Kolic <kolicz@eunet.yu> To: freebsd-stable@freebsd.org Subject: Re: Port scan blocking with ipfw Message-ID: <20040606060156.GA717@kolic.net> In-Reply-To: <20040605190105.DEA2816A509@hub.freebsd.org> References: <20040605190105.DEA2816A509@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Is it ipfw2? As an active respond some folks recommend "portsentry". It adds No 1 rule like: deny all from intruder to any in Is it what you like? "Deny" base rule would be nice if you don't allow icmp packets. For server you have to allow incomming traffic. For home comp, allow only what you really need. The best way to avoid scan? Disconnect from internet ;-) ZK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040606060156.GA717>