port scanning and hidden servers

Gayn Winters gayn.winters at bristolsystems.com
Wed Sep 7 08:59:43 PDT 2005



> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org 
> [mailto:owner-freebsd-questions at freebsd.org] On Behalf Of 
> Boris Karloff
> Sent: Wednesday, September 07, 2005 8:19 AM

> I have a user on my network with a Linux box that is
> performing a port scan on all the computers in my network
> manually. He's doing this 'because he can'. Although I've
> asked him not to, he continues to do so.
> 
> 1) How can I block or inhibit port scans launched against my
> freeBSD servers from within my network?
> 
> 2) How can I 'hide' my freeBSD servers from users on the
> network? (If they can't see them, then they don't know to
> scan them.)
> 
> Thanks in advance.
> 
> Harold

1. VLAN security on a managed switch
2. TCP wrappers
3. Ipchains
4. Snort (to generate dynamic fw rules)
 
-gayn



More information about the freebsd-questions mailing list