Over the last few weeks I've been getting numerous ports scans, each from
unique hosts. The situation is more of an annoyance than anything else,
but I would prefer not seeing or having to deal with an extra 20-30K
entries in my logs as was the case recently.
I use pf for firewalling, and while
On Mon, 22 Sep 2008 08:17:02 -0700
David Allen [EMAIL PROTECTED] wrote:
Over the last few weeks I've been getting numerous ports scans, each
from unique hosts. The situation is more of an annoyance than
anything else, but I would prefer not seeing or having to deal with
an extra 20-30K
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Allen wrote:
Over the last few weeks I've been getting numerous ports scans, each from
unique hosts. The situation is more of an annoyance than anything else,
but I would prefer not seeing or having to deal with an extra 20-30K
entries in
2008/9/22 David Allen [EMAIL PROTECTED]:
Over the last few weeks I've been getting numerous ports scans, each from
unique hosts. The situation is more of an annoyance than anything else,
but I would prefer not seeing or having to deal with an extra 20-30K
entries in my logs as was the case
On 9/22/08, Ghirai [EMAIL PROTECTED] wrote:
On Mon, 22 Sep 2008 08:17:02 -0700
David Allen [EMAIL PROTECTED] wrote:
Over the last few weeks I've been getting numerous ports scans, each
from unique hosts. The situation is more of an annoyance than
anything else, but I would prefer not seeing
On 9/22/08, Greg Larkin [EMAIL PROTECTED] wrote:
David Allen wrote:
Over the last few weeks I've been getting numerous ports scans, each from
unique hosts. The situation is more of an annoyance than anything else,
but I would prefer not seeing or having to deal with an extra 20-30K
entries
- Original Message -
From: David Allen [EMAIL PROTECTED]
To: freebsd-questions@freebsd.org
Sent: Monday, September 22, 2008 4:06 PM
Subject: Re: Dealing with portscans
On 9/22/08, Greg Larkin [EMAIL PROTECTED] wrote:
David Allen wrote:
Over the last few weeks I've been getting
David Allen wrote:
On 9/22/08, Ghirai [EMAIL PROTECTED] wrote:
On Mon, 22 Sep 2008 08:17:02 -0700
David Allen [EMAIL PROTECTED] wrote:
Over the last few weeks I've been getting numerous ports scans, each
from unique hosts. The situation is more of an annoyance than
anything else, but I would
On 9/22/08, Matthew Seaman [EMAIL PROTECTED] wrote:
David Allen wrote:
On 9/22/08, Ghirai [EMAIL PROTECTED] wrote:
On Mon, 22 Sep 2008 08:17:02 -0700
David Allen [EMAIL PROTECTED] wrote:
However, receiving SYN packets to ports 1024-4 isn't going to
match anything than a default block
David Allen wrote:
On 9/22/08, Matthew Seaman [EMAIL PROTECTED] wrote:
Also consider the following sysctls:
# Blackhole packets to ports without listeners
net.inet.tcp.blackhole=1
net.inet.udp.blackhole=1
although these will be redundant if your firewalling is effective.
I wonder, though,
10 matches
Mail list logo