[lug] Disabling network probing
John Hernandez
John.Hernandez at noaa.gov
Thu May 3 09:14:55 MDT 2001
There's a couple of ways to approach this. First of all, you can bi-directionally filter commonly attacked ports (ie TCP/111, 2049, 515, 513, 137-139) at your edge router/firewall. Secondly, you can use an IDS like Snort with strategic sensor placement to alert you of scanning activities (inbound and outbound).
-John
Justin wrote:
>
> I'm curious if there is a way to keep users from scanning other
> networks from my domain. For example if someone was to nmap scan an
> entire class of ip's or something like that. Is there a way to regulate
> that or stop it completely? Thanks for any help.
>
> Justin
>
> -----
> glow at jackmoves.com
> www.jackmoves.com
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG
mailing list