[plug] Active response IDSs?
bob
bob at fots.org.au
Sat Aug 3 11:05:31 WST 2002
On Sat, 2002-08-03 at 03:03, Craig Foster wrote:
> If you want to block people doing scans, you can use portsentry, where
> not-very-nice-people get sent to an iptables or ipchains DENY...
Yep, thats more or less what I wanted.
> Just make sure that VERY trusted machines are excluded, such as your
> routers and mail servers, just in case someone tries spoofing your
> router (very funny results - not)
Good point.
> Craig F.
Thanks for the feedback.
--
bob
Cave canem...te necet lingendo.
More information about the plug
mailing list