labrocca
Verified User
- Joined
- Mar 12, 2006
- Messages
- 130
If you are running a freebsd server you might be seeing that in your logs an aweful lot. It's an indicator of being port scanned. I found some great advice today on how to stop it and it worked very well.
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.icmp.icmplim=50
Add those 3 lines to your /etc/sysctl.conf
They pretty much just blackhole the packets being sent from port scans and the icmp line limits the ping packets people can send.
Enjoy.
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.icmp.icmplim=50
Add those 3 lines to your /etc/sysctl.conf
They pretty much just blackhole the packets being sent from port scans and the icmp line limits the ping packets people can send.
Enjoy.