hi i would like to drop all icoming packets of any ip tried to connect to telnet (port 23) which is meant as trap for port-scans, there are some samples out there but i got none of them working until now :-( iptables -N port-scan iptables -A port-scan -p tcp --dport 23 --tcp-flags ALL SYN -m limit --limit 3/m --limit-burst 5 -j LOG --log-prefix "portscan trap: " iptables -A port-scan -p tcp --dport 23 --tcp-flags ALL SYN -m recent --update --seconds 60 -j RETURN iptables -A port-scan -j DROP
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
