This is a really retarded thing to do. I will spoof a scan from the IP
address of your gateway for example and you will fall off the internet =).
Automatic reaction to attacks is very tricky to do right.
-Kurt
----- Original Message -----
From: "patric illi"
Cheers List !
I am thinking about a solution to disallow access to my server for all those who have made a portscan. I would like to insert their IP's into the /etc/host.deny file.
Does anybody know a way how to detect whether someone does a portscan ?
would be kind !
cheers & thx in advanced
patric illi
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com