Hi list(s), chaostables is a small package containing some nice netfilter magic: a module xt_portscan which matches the nmap scan types (including -sS) and more, and a xt_CHAOS module which slows down network scanners by triggering their codepaths for handling slow-working/'broken' operating systems. Documentation is not yet fully complete, but it explains the details behind the portscan match and how it can be implemented without using the xt_portscan.ko module. By looking at the code and some example files, it should be possible to figure out how to use these (obviously, -m portscan [types] and -j CHAOS -- but a little self-experimenting is always good, too.) http://jengelh.hopto.org/f/chaostables/chaostables-0.2.tar.bz2 (it is a remake of what was previously known, and now inaccessible, as AS_IPFW) I happily take comments on anything. Thanks and, FWIW, happy new Year(), Jan --
