[NTLUG:Discuss] Help! I'm under attack by my ISP!
Kevin Hulse
hulse_kevin at yahoo.com
Wed Jul 14 11:13:11 CDT 2004
--- Kyle Davenport <Kyle_Davenport at compusa.com> wrote:
>
[deletia]
> So it occurred to me to find out where their port
> scans are coming from,
> and blocking those. (That's right - if they're not
> going to play fair, I
> won't either) I tried pkdump (ouch! not ready for
> prime time) and
> portsentry. Neither seem to do what I want, which
> is block hosts scanning
> different _unrelated_ ports, ie., the p2p ports, and
> to do so without being
> suspicious. Unfortunately, I don't know whether
Does snort do this? It's a pretty nice intrusion
detection tool. It works quite well for worms and
such. Although I have not focused any attempt on
portscanners. My gateway/firewall blocks most of that
sort of thing before it would get to any of my
internal machines.
[deletia]
More information about the Discuss
mailing list