Penetration Testing mailing list archives
Re: Request for discussion on defending against specific Nmap TCP syn and version scans.
From: revnic () gmail com
Date: 2 Mar 2006 08:15:56 -0000
you could run a script that will grep access_log for exploit attempts and add those IPs in iptable's drop list.... also there is a patch for iptables that will slow down portscanning. another thing you could do is change service's banner. ------------------------------------------------------------------------------ This List Sponsored by: Lancope "Discover the Security Benefits of Cisco NetFlow" Learn how Cisco NetFlow enables cost-effective security across distributed enterprise networks. StealthWatch, the veteran Network Behavior Analysis (NBA) and Response solution, leverages Cisco NetFlow to provide scalable, internal network security. Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and Response Systems in the Enterprise." http://www.lancope.com/resource/ ------------------------------------------------------------------------------
Current thread:
- Request for discussion on defending against specific Nmap TCP syn and version scans. Smith, Chris (Mar 01)
- Re: Request for discussion on defending against specific Nmap TCP syn and version scans. Martin Mačok (Mar 02)
- Bank pen test Noe Espinoza Mancillas (Mar 02)
- RE: Bank pen test Andy Meyers (Mar 03)
- RE: Bank pen test mystic33 (Mar 03)
- Re: Bank pen test Noe Espinoza Mancillas (Mar 03)
- Re: Bank pen test Rick Zhong (Mar 03)
- RE: Bank pen test Omar A. Herrera (Mar 04)
- <Possible follow-ups>
- Re: Request for discussion on defending against specific Nmap TCP syn and version scans. revnic (Mar 02)
- Re: Request for discussion on defending against specific Nmap TCP syn and version scans. krantikari26 (Mar 02)