netfilter scan detect

All of lore.kernel.org
 help / color / mirror / Atom feed

* netfilter scan detect
       [not found] <46924d18.05a0660a.252d.16afSMTPIN_ADDED@mx.google.com>
@ 2007-07-09 18:35 ` debian
  2007-07-10  6:43   ` Franck Joncourt
                     ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: debian @ 2007-07-09 18:35 UTC (permalink / raw)
  To: netfilter

Hello,

i search a solution to detect scan port, i find psd patch, but now with 
the last version of iptables, psd patch is not supported. An over 
solution is possible?

Thanks you.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: netfilter scan detect
  2007-07-09 18:35 ` netfilter scan detect debian
@ 2007-07-10  6:43   ` Franck Joncourt
  2007-07-12 14:33   ` Dmitry Zamaruev
  2007-08-22 21:12   ` Carlos Mario Mora (c4y0)
  2 siblings, 0 replies; 4+ messages in thread
From: Franck Joncourt @ 2007-07-10  6:43 UTC (permalink / raw)
  To: netfilter

[-- Attachment #1: Type: text/plain, Size: 513 bytes --]

On Mon, Jul 09, 2007 at 08:35:19PM +0200, debian wrote:
> Hello,

Hi,

> i search a solution to detect scan port, i find psd patch, but now with the 
> last version of iptables, psd patch is not supported. An over solution is 
> possible?
>

What about creating your own rules with the recent match according to
what flag is set ?

-- 
Franck Joncourt
http://www.debian.org - http://smhteam.info/wiki/
GPG server : pgpkeys.mit.edu
Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: netfilter scan detect
  2007-07-09 18:35 ` netfilter scan detect debian
  2007-07-10  6:43   ` Franck Joncourt
@ 2007-07-12 14:33   ` Dmitry Zamaruev
  2007-08-22 21:12   ` Carlos Mario Mora (c4y0)
  2 siblings, 0 replies; 4+ messages in thread
From: Dmitry Zamaruev @ 2007-07-12 14:33 UTC (permalink / raw)
  To: netfilter

Try to use 'stealth' module from GRsecurity patchset.
It will detect stealth scans, but you need patched kernel and iptables.

debian wrote:
> Hello,
>
> i search a solution to detect scan port, i find psd patch, but now 
> with the last version of iptables, psd patch is not supported. An over 
> solution is possible?
>
> Thanks you.
-- 
Best regards,
Dmitry Zamaruev,
Team leader,
System integration dept.,
NIX Solutions Ltd.



^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: netfilter scan detect
  2007-07-09 18:35 ` netfilter scan detect debian
  2007-07-10  6:43   ` Franck Joncourt
  2007-07-12 14:33   ` Dmitry Zamaruev
@ 2007-08-22 21:12   ` Carlos Mario Mora (c4y0)
  2 siblings, 0 replies; 4+ messages in thread
From: Carlos Mario Mora (c4y0) @ 2007-08-22 21:12 UTC (permalink / raw)
  To: debian, netfilter

maybe portsentry???

--- debian <debian70@gmail.com> escribió:

> Hello,
> 
> i search a solution to detect scan port, i find psd
> patch, but now with 
> the last version of iptables, psd patch is not
> supported. An over 
> solution is possible?
> 
> Thanks you.
> 
> 
> 



      ____________________________________________________________________________________
¡Sé un mejor ambientalista!
Encuentra consejos para cuidar el lugar donde vivimos.                       
http://mx.yahoo.com/promos/mejorambientalista.html


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2007-08-22 21:12 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <46924d18.05a0660a.252d.16afSMTPIN_ADDED@mx.google.com>
2007-07-09 18:35 ` netfilter scan detect debian
2007-07-10  6:43   ` Franck Joncourt
2007-07-12 14:33   ` Dmitry Zamaruev
2007-08-22 21:12   ` Carlos Mario Mora (c4y0)

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.