I might be off a little in my description of what I'm looking for, but I
seem to remember that "smart" firewalls are able to realize that someone
is port-scanning the network they protect or themselves, and cut off all
traffic for a while from the host doing the scanning.
How can I make IPChains do this? I already have my firewall at work
locked down to keep someone from getting into it (reasonably), but port
scans through it to it's DMZ are still passed through (things like
connecting to sequential or assorted ports repeatedly, within the same
second or two and multiple hosts on the same subnet the same way).
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
