On Tuesday 01 July 2003 18:40, Mycroft wrote: > AJ> > AJ>If you want that functionality, google for "portsentry". > > Erm...it appears (to me at least) that portsentry has all the firewall > ruleset blocking "functionality" that you recommended against
I *don't* recommend blocking hosts by detecting port scans, but if you *do* insist on that functionality, portsentry has the ability to detect a port scan of more than 1 port. This was in reply to a question about snort's abilities (or lack of) to detect port scans. -- - Aviram ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
