Looking at some portsentry stuff.
It looks like you can do a simple redirect on someone. It was
suggested to me that a good way to deal with a portscan is to redirect
to an IP that has nothing on the other end, so the person portscanning
times out.
What is a good IP number to accomplish this with? Will something like
127.0.0.255 work? Or will it have to be real? I'd hate to set up an
IP and then someone get assigned to it and me have forgotten all about
that.
Also, it might be humorous to redirect to an IP that has some expert
cracker or a gov't institution on the other end. Hehe. But will it
appear to originate from my box or the port scanner's?
-Rob
