Re: Scanning hosts connecting to a linuxbox.

[Philip Ehrens <pehrens () ligo caltech edu>]

Mike A. Harris scribbled:
> I would like to somehow have nmap run a scan of my choosing on
> any hosts attempting a connect to any of my ports, either via
> tcpwrappers, or the firewall.

May I point out, once again, that most crackers will not be
scanning you from their own machines -- they will be scanning
from someone else's machine that they have owned.

So if you scan the machines that scan you, you will only wind
up contributing to the mayhem.  It is even possible that the
occasional flurries of scans that show up on some machines
are due to this retro-scanning being done.

I cannot repeat often enough, that the proper response to
an unsuccessful scan is no response, and to a successful scan,
fix your own darn box!

And happy scanning!

Phil
-- 
Phil Ehrens <pehrens () ligo caltech edu>| Fun stuff:
The LIGO Laboratory, MS 18-34         | http://www.ralphmag.org
California Institute of Technology    | http://www.yellow5.com
1200 East California Blvd.            | ftp://ftp.no.pgpi.com/pub/pgp
Pasadena, CA 91125 USA                | http://www.mjt.org
Phone:(626)395-8518 Fax:(626)793-9744 | http://www.powells.com