Hello everybody, PF offers a great OS-Detection wich enable me to block all Packets from NMAP (OS: NMAP).
But I thought about another problem. How can I drop the IP of an nmap-scanning computer into a table? Such an overload-option (like for max-src-conn) would be very neat because a host which tried to scan could try e.g. a brute-force either (or simply use other tools not detectable by ospf). So does somebody know how to handle such situations? Kind regards, Sebastian
