Port scan detection in ipfw2
Kris Kennaway
kris at obsecurity.org
Thu Jun 10 05:48:40 GMT 2004
On Wed, Jun 09, 2004 at 09:11:46PM -0700, Khoi Dinh wrote:
> Hi All,
>
> This is a repost and I was hoping there might be a solution to this. I was
> wondering if ipfw2 has the ability to detect port scan like iptables with
> the psd module. I'm looking for a kernel-based solution, not app-based like
> portsentry. Also, is ipfw2 able to allow/disallow traffic according to
> time? ie. If I wanted to allow http traffic only from 9am to 1pm, can I do
> this with ipfw? I've been looking all over the net looking for a solution
> but haven't found one and was hoping that someone on the list could help me
> out, even if the answer is "no, there are no such kernel-based features."
The kernel is the wrong place for these features, and they can be
implemented straightforwardly in userland.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20040609/89b3d793/attachment.bin
More information about the freebsd-stable
mailing list