You want to block all ppl who scan U ... I think that's right ...there is an easy way with snort, guardian and IPChains (IPTables) ... the both/three programs work together very nice, and guardian changes your IPChain-Rules automatically to block user. Just add a rule, that portscanning user should be blocked ... that's all ... Greetings Am Freitag, 25. Mai 2001 10:48 schrieben Sie:
Cheers List !
I am thinking about a solution to disallow access to my server for all those who have made a portscan. I would like to insert their IP's into the /etc/host.deny file.
Does anybody know a way how to detect whether someone does a portscan ?
would be kind !
cheers & thx in advanced
patric illi
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com