> I am trying to block those anoying portscans with a scan detector.
>Right now I am experimenting with "sentry" which is setup by default to
>kick in a new routing entry as soon as it detects a scan.
Portscans are annoying but if you have a good IPFWADM/IPCHAINS
ruleset.. you shouldn't have any problems. Because of this, I
would be hesitant to impliment anything that would dynamically
muck around with your ruleset.
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
