Date: Sun, 5 Feb 2006 18:55:13 -0500 From: David Scheidt <dscheidt@panix.com> To: fbsd_user <fbsd_user@a1poweruser.com> Cc: "Daniel A." <ldrada@gmail.com>, questions@freebsd.org, "Michael A. Alestock" <michaela@maa-net.net> Subject: Re: IP Banning (Using IPFW) Message-ID: <20060205235513.GA20707@panix.com> In-Reply-To: <MIEPLLIBMLEEABPDBIEGIELNHMAA.fbsd_user@a1poweruser.com> References: <5ceb5d550602051357r27f07864lb408168902a68e12@mail.gmail.com> <MIEPLLIBMLEEABPDBIEGIELNHMAA.fbsd_user@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 05, 2006 at 05:38:11PM -0500, fbsd_user wrote: > > You missed to whole meaning. > Attackers only scan for the published service port numbers, > that is what is meant by "portscan the box". > Those high order port numbers are dynamically > used during normal session conversation. > So any response from those port numbers if an > attacker scanned that high would be meaningless. > Please check your facts before commenting. Nonsense. There may be some people that only scan well-known ports, but it's much more common to scan every port on a machine. If you're running a server on a non-standard port, an attacker will find it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060205235513.GA20707>