Re: hiding OS name
From: faSty (firstname.lastname@example.org)
- Next message: twig les: "Re: hiding OS name"
- Previous message: Peter Pentchev: "Re: hiding OS name"
- In reply to: Klaus Steden: "Re: hiding OS name"
- Next in thread: Giorgos Keramidas: "Re: hiding OS name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 8 Jul 2002 12:31:57 -0700 From: faSty <email@example.com> To: Klaus Steden <firstname.lastname@example.org>
Problem is that when you run portsentry. If someone spoofing the packet
fool portsentry trigger block on your own IP or Denial of Service
with spoofing your IP and your portsentry will be useless even
I had put list of IP "ignore" I.E. portsentry.ignore.
I have that experience from the past. No good.
On Mon, Jul 08, 2002 at 02:13:42PM -0400, Klaus Steden wrote:
> > Portsentry may help (/usr/ports/security/portsentry I
> > believe). Won't hide the OS, but it may shut down
> > scans before they get that far. <shrug>, never tested
> > it that way.
> A friend of mine runs portsentry configured to blackhole every IP that
> attempts to connect to a port where no server is running (in conjunction with
> a strict firewall); that can be done in FreeBSD without using portsentry, via
> the blackhole sysctl MIBs. See blackhole(4).
> It's not a bad means to keep people out of your machines.
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message