Does SuSE 6.x contain any tools to do that ?
Yes, the package scanlogd i guess it's in series "sec".
Scanlogd works fine in most cases, but if you want your system to take actions against portscanners I prefer Portsentry. It's available at http://www.psionic.com In it's defaults rules it opens a lot of fake ports and it puts the attackers ipadres in /etc/hosts.deny. I prefer not to open to much ports. You can also make weird routes to the attackers ip address so he won't be able to communicate with your computer anymore. And there are much more options you can configure yourselve. Take a look at there site if you would like to no more about the program. Good documentation is on there site, but is also is shipped with the program. Regards, S.G. Zijl