I think you could design a perl script or some kind of script for that if a icmp/udp/tcp is being done to your system at x amount of time you could use ipfwadm to block it. ipfwadm is a very powerful tool. I used to be port scanned daily and icmp attack, use ipfwadm to block it.
> > > > > Is there anything out there to stop people from port scanning my system ? > > > I had someone last night scan my system from port 1 to 50,000 ! > > > > Firewalling or tcp_wrappers configured the right way. > > tcp-wrappers will not stop you from being scanned. even if the port is > wrapped it will still show up as an open port to a scan. you also can't > wrap udp services. > > if you are paranoid enough that this is an issue i suggest you break out > a firewall book and ipfwadm and decide who exactly you want to be able to > talk to what on your box. > > > There is nmap in hamm that does the port scanning. > > there is also strobe that comes with the netdiag package... it's very > good. > > adam. > > ------------------------ Internet Alaska ------------------------- > 4050 Lake Otis Adam Shand (v) +1 907 562 4638 > Anchorage, Alaska Systems Administrator (f) +1 907 562 1677 > ----------------- http://larry.earthlight.co.nz ------------------ > > > > -- > TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to > [EMAIL PROTECTED] . > Trouble? e-mail to [EMAIL PROTECTED] . > > -- _ ,/| Chi Wong '\O.O' "Life is a shitload of TESTS !" =(_ _)= [EMAIL PROTECTED] |U| [EMAIL PROTECTED] / | [EMAIL PROTECTED] //| \ http://www.cif.rochester.edu/~phreak/main.html -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
