>> I think you could design a perl script or some kind of script for that if a >> icmp/udp/tcp is being done to your system at x amount of time you could use >> ipfwadm to block it. ipfwadm is a very powerful tool. I used to be port >> scanned daily and icmp attack, use ipfwadm to block it. >> >> > >> > >> > > > Is there anything out there to stop people from port scanning my system ? >> > > > I had someone last night scan my system from port 1 to 50,000 ! >> > > >> > > Firewalling or tcp_wrappers configured the right way.
Just a quick question regarding port scanning, how do you tell that you have been scanned I assume it shows up in the log files. Alos if you decide to implement a firewall then you might want to check out TIS at www.tis.com (if i remember correctly) as the do a free firewall toolkit, you may also want to check out the socks package as well. Regards Graham >> > >> > tcp-wrappers will not stop you from being scanned. even if the port is >> > wrapped it will still show up as an open port to a scan. you also can't >> > wrap udp services. >> > >> > if you are paranoid enough that this is an issue i suggest you break out >> > a firewall book and ipfwadm and decide who exactly you want to be able to >> > talk to what on your box. >> > >> > > There is nmap in hamm that does the port scanning. >> > >> > there is also strobe that comes with the netdiag package... it's very >> > good. >> > >> > adam. >> > >> > ------------------------ Internet Alaska ------------------------- >> > 4050 Lake Otis Adam Shand (v) +1 907 562 4638 >> > Anchorage, Alaska Systems Administrator (f) +1 907 562 1677 >> > ----------------- http://larry.earthlight.co.nz ------------------ >> > >> > >> > >> > -- >> > TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to >> > [EMAIL PROTECTED] . >> > Trouble? e-mail to [EMAIL PROTECTED] . >> > >> > >> >> >> -- >> >> >> _ ,/| Chi Wong >> '\O.O' "Life is a shitload of TESTS !" >> =(_ _)= [EMAIL PROTECTED] >> |U| [EMAIL PROTECTED] >> / | [EMAIL PROTECTED] >> //| \ http://www.cif.rochester.edu/~phreak/main.html >> >> >> >> -- >> TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to >> [EMAIL PROTECTED] . >> Trouble? e-mail to [EMAIL PROTECTED] . -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .