Yep, great tool: installed it (also tanx: Kis-Szabo Andras).
About IP-spoofing:
If you spoofe IP, you send a package with wrong source address. I can
imagine the packet arrives at the destination but how does it get back to
you?
Maybe source-routed frames, but doesn't inetd scan for those & throw them
away?
I did spend some thoughts about retaliation :-)
Probably only effect is the undivided attention of hackers/crackers (read
what you want).
> I'm looking for a tool which enables me to run a script when I'm
being
> port-scanned. I tried detect-scans (from sunsite), but it's too
buggy. Does
> anyone know something better?
Try Abacus Sentry. Sorry, I don't have the URL handy. It
can
run commands or reconfigure your firewall in response to port
scanning.
Warnings:
UDP can be spoofed so don't use it to trigger changes.
While external commands can be run, retaliation is not
advised.
As soon as some knows you have it set to counter attack mode, they
come
in with a spoof attack and use your system to attack some innocent
chump.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
