Author: kenduest (small)

I often see people using port-scanning software (e.g. nmap) to sweep other people's ports at random, and I really hate it @_@. Here are several ways to impose some restrictions using the mechanism in the new Linux kernel 2.4 + iptables:

    # NMAP FIN/URG/PSH
    iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP

    # Xmas Tree
    iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL ALL -j DROP

    # Another Xmas Tree
    iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP

    # Null Scan (possibly)
    iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL NONE -j DROP

    # SYN/RST
    iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,RST SYN,RST -j DROP

    # SYN/FIN -- Scan (possibly)
    iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP

These rules target scanning software that uses so-called stealth mechanisms to probe other hosts; such packets can simply be dropped. The scanner on the other side either hangs or has to wait for the connection to time out before it can continue, which lengthens the time required for the scan.
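
The match logic of the six rules above, modelled in Python as an added example (not part of the original post): `--tcp-flags <mask> <comp>` examines only the flags listed in the mask and matches when exactly the flags in comp are set among them. The function names and the sample flag combinations are constructed for illustration.

```python
# Added example: models the iptables "--tcp-flags <mask> <comp>" match for the
# six rules above. Flag bit values are the standard TCP header bits.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
ALL = 0x3F  # iptables "ALL" = FIN,SYN,RST,PSH,ACK,URG

def bits(names):
    """Turn 'SYN,RST' / 'ALL' / 'NONE' into a bit mask."""
    if names == "ALL":
        return ALL
    if names == "NONE":
        return 0
    value = 0
    for name in names.split(","):
        value |= FLAGS[name]
    return value

# (label, mask, comp) in the same order as the rules in the post.
RULES = [
    ("NMAP FIN/URG/PSH", "ALL", "FIN,URG,PSH"),
    ("Xmas Tree", "ALL", "ALL"),
    ("Another Xmas Tree", "ALL", "SYN,RST,ACK,FIN,URG"),
    ("Null Scan", "ALL", "NONE"),
    ("SYN/RST", "SYN,RST", "SYN,RST"),
    ("SYN/FIN", "SYN,FIN", "SYN,FIN"),
]

def first_match(packet_flags):
    """Return the label of the first rule that would DROP, or None."""
    value = bits(packet_flags)
    for label, mask, comp in RULES:
        # iptables semantics: look only at the flags in mask; exactly the
        # flags in comp must be set among them.
        if value & bits(mask) == bits(comp):
            return label
    return None

# Constructed sample flag combinations (not captured traffic).
SAMPLES = ["SYN", "SYN,ACK", "ACK", "FIN,ACK", "PSH,ACK", "RST",
           "FIN,URG,PSH", "NONE", "ALL", "SYN,FIN", "SYN,RST,ACK", "FIN"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:12} -> {first_match(sample) or 'not matched'}")
```

The flag combinations of ordinary traffic (SYN, SYN/ACK, ACK, FIN/ACK, PSH/ACK, RST) pass all six rules. The two partial-mask rules also catch packets carrying extra flags, such as SYN/RST/ACK, while a lone FIN is not matched by any of the six and would need a rule of its own.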