Port scan blocking with ipfw

Zoran Kolic kolicz at eunet.yu
Sun Jun 6 06:06:50 GMT 2004


Is it ipfw2?
As an active respond some
folks recommend "portsentry".
It adds No 1 rule like:
deny all from intruder to any in
Is it what you like?
"Deny" base rule would be
nice if you don't allow icmp
packets. For server you have
to allow incomming traffic.
For home comp, allow only
what you really need. The best
way to avoid scan? Disconnect
from internet ;-)

                  ZK




More information about the freebsd-stable mailing list