--On 26 June 2005 15:27 +0200, [EMAIL PROTECTED] wrote:
Is there any spamtrap-like Mechanism for the pf? E.g. more skilled "badguys" don't use `nmap -sS &target`. Such guys will limit their scans to just a few ports (3-6).
Since this type of scan typically won't complete a 3-way handshake, there's not really any chance to tell a spoofed source address from a real one...
