Re: iptables Timed Port Block?

From: Tantor (
Date: 02/27/03

From: "Tantor" <>
Date: Thu, 27 Feb 2003 19:25:07 GMT

right on thanks, I'll check it out.
"Steve Webster" <> wrote in message
> Tantor wrote:
> [snip]
> > What I want to be able to do is open port 21 and as soon as a computer
> > that port I want something that reads its ip and drop all further
> > from that person for x amount of time. Since nothing is using port 21
> > something does scan it then I have to assume that its for an attack of
> > somekind, so I figure it would be a good idea to just block everything
> > that IP for awhile.
> >
> This sounds like what Portsentry is supposed to do. It used to be
> available from <> according to Google, but I don't
> know if that's still the case. According to
> <>, "PortSentry
> has the ability to detect portscans(including stealth scans) on the
> network interfaces of your machine. Upon alarm it can block the attacker
> via hosts.deny, dropped route or firewall rule. It is part of the Abacus
> program suite".
> There's an intro article at:
> <>
> --
> Steve Webster
> Remove the 'nospam's to get my email address.