[olug] @home scans
Vincent
vraffensberger at home.com
Mon Jul 10 21:50:33 UTC 2000
Christopher Garrity wrote:
>
> If I remember right, it's more like a technique. Run an IDS (Intruder Detection
> System) to detect scanning and then add entries to the routing table for the
> offending IP, setting its gateway to localhost.
>
www.psionic.com has a utility (portsentry) that will either add an
offending host to hosts.deny (dumb mode) or set a static route for them
as well as create log entries for you. It's very customizable. I read
about one person who had it doing some kernel level forwarding of probes
to places like nsa.gov...
---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net
More information about the OLUG
mailing list