So whats the syntax to block TCP connect() and SYN? Thanks
Z -----Original Message----- From: Tiago Pierezan Camargo [mailto:[EMAIL PROTECTED] Sent: 17 December 2003 09:47 To: [EMAIL PROTECTED] Subject: Re: blocking nmap scans > block in log quick on $ext_if inet proto tcp from any to any flags FUP/FUP > block in log quick on $ext_if inet proto tcp from any to any flags SF/SFRA > block in log quick on $ext_if inet proto tcp from any to any flags /SFRA Those rules only block FIN, Xmas and NULL scans. TCP connect() and SYN scans work as usual. -- Tiago Pierezan Camargo <elessar at matrix.com.br> (o_.' The boozy penguin says: //\c{} "VI VI VI The editor of the beast." V__)_
