• Status: Solved
  • Priority: Medium
  • Security: Public

Blocking Port Scanning

I am using IPFW on a bridge and I was just curious to see if there was a way to block people from scanning my ports on my computers?
Asked by: seanostephens
1 Solution
 
harbor235 Commented:
Portsentry runs as a process; if it detects a portscan it will block that address. You should also lock
down your firewall, allowing only traffic to a particular host(s) and port(s) that you dictate or that
need that traffic, nothing more.

harbor235
0
 
seanostephens (Author) Commented:
The firewall is pretty good, I was just wondering if there was a piece of software that would allow me to block port scans.  I have tried portsentry but I can't get it to compile on FreeBSD 5.3.  Any other suggestions?

Thanks
0
 
ahoffmann Commented:
i.g. port scans cannot be blocked, except they're done by stupid script kiddies ;-)
0
 
_ruudsje_ Commented:
You cannot block the scan, but in most firewalls you can detect port scans and configure how many ports the firewall must see before it treats it as a port scan... Maybe you also have the ability in your firewall to drop the source.

Again you cannot block an attempt
0
 
ahoffmann Commented:
> ..  you can detect port scans ..
being pedantic: it is very hard to do and sometimes impossible, so let's say "may detect"
0
 
_ruudsje_ Commented:
you're right may detect.....
0
 
harbor235 Commented:
You may not be able to block an attempt, but running portsentry does allow you to block
further activity from scans it identifies. In my view this is a positive; reducing the number of potential
IPs trying to potentially do harm is good. This does not stop them, but may filter out some of the script kiddies.

The only way to truly stop port scans is to disconnect from the net.   ;}


harbor235
0
 
seanostephens (Author) Commented:
Thanks all for your input.
0
 
_ruudsje_ Commented:
isn't that the same as I say....
0
 
ahoffmann Commented:
and me too ..
0
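
The port-count threshold _ruudsje_ describes, together with the "may detect" caveat ahoffmann raises, as an added example that is not part of the original thread. It assumes IPFW deny logging reaches syslog in the line shape matched below; the sample lines, host name `gw` and rule number 100 are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed ipfw syslog line shape (adjust to what your own log actually shows).
LINE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ kernel: ipfw: \d+ Deny (?:TCP|UDP) "
    r"(\d+\.\d+\.\d+\.\d+):\d+ \d+\.\d+\.\d+\.\d+:(\d+) in\b")

def detect_scanners(lines, min_ports=5, window=timedelta(seconds=10)):
    """Return sources denied on >= min_ports distinct ports within `window`."""
    recent = defaultdict(deque)            # source -> (time, port) inside window
    flagged = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                       # not a deny line in the assumed shape
        ts = datetime.strptime(m.group(1), "%b %d %H:%M:%S")
        src, port = m.group(2), int(m.group(3))
        q = recent[src]
        q.append((ts, port))
        while ts - q[0][0] > window:       # forget probes older than the window
            q.popleft()
        if src not in flagged and len({p for _, p in q}) >= min_ports:
            flagged.append(src)
    return flagged

def ipfw_block_rules(sources, rule_no=100):
    """Build deny rules; validate each address since it came from log text."""
    return [f"ipfw add {rule_no} deny ip from {ipaddress.ip_address(s)} to any"
            for s in sources]

# Constructed sample: one source probing five ports in five seconds, one source
# probing the same ports a minute apart, one source retrying a single port.
PORTS = [21, 22, 23, 25, 80]
TMPL = "Jan  5 10:{} gw kernel: ipfw: 65000 Deny TCP {}:4000{} 192.0.2.10:{} in via em0"
SAMPLE = (
    [TMPL.format(f"00:0{i}", "203.0.113.5", i, p) for i, p in enumerate(PORTS)]
    + [TMPL.format(f"0{i}:30", "198.51.100.7", i, p) for i, p in enumerate(PORTS)]
    + [TMPL.format(f"00:0{i}", "192.0.2.44", i, 80) for i in range(5)]
)

if __name__ == "__main__":
    for rule in ipfw_block_rules(detect_scanners(SAMPLE)):
        print(rule)
```

Only the first source crosses the threshold; the second never has five ports inside one window, which is why the thread settles on "may detect". The threshold and window are tuning choices, and the rules are printed for review rather than applied.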
