DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 13th March 2014
sparky's Avatar
sparky sparky is offline
Fdisk Soldier
 
Join Date: Mar 2012
Posts: 73
Thanked 0 Times in 0 Posts
Default How to block Port Scans?

Hi,

I'm trying to figure out how to block port scans from the net on my OpenBSD router.

Currently the closest I've come is a site:

http://harrykar.blogspot.co.uk/2010/...lteringpf.html

which shows this as an example:

Code:
block in quick proto tcp all flags SF/SFRA
block in quick proto tcp all flags SFUP/SFRAU
block in quick proto tcp all flags FPU/SFRAUP
block in quick proto tcp all flags /SFRA
block in quick proto tcp all flags F/SFRA
block in quick proto tcp all flags U/SFRAU
block in quick proto tcp all flags P
I have added to my pf.conf and tested however, the second and last lines are not taken by PF which throws up an error.

Also using an Android based app "Fing" to do a TCP port scan, I am still able to detect "open ports". Though I've got Snort up and running which basically is giving me all kinds of ICMP sweeps and tcp/udp scan types.


I'm probably attacking this the wrong way so really the question is; is there a way to do this - or what would be an example of a way to do this?

{EDIT} outside of the obvious; closing ports! If one has web services like http or smtp running it really isn't an option :-)

Many thanks.
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
pf block command help newbsdied OpenBSD Security 1 7th November 2010 12:50 AM
Block IDM-DAP-P2P mohammadreza OpenBSD Security 5 25th February 2010 09:59 AM
block spam milo974 OpenBSD Security 1 26th May 2009 11:30 AM
Automaticaly block IPs with PF DNAeon FreeBSD Installation and Upgrading 7 20th February 2009 02:06 AM
nmap scans hamba FreeBSD Security 3 2nd February 2009 10:16 AM


All times are GMT. The time now is 10:19 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick