Hi,
The first question I have is how can I use ipchains or ipfw to send all incoming traffic from a specific IP address out to never-never land. I use another box on my network to connect ot my company's vpn. While connected, their system randomly portscans my machine for security reasons. My internet router sends all incoming traffic to my e-smith box, so their portscan is getting responses back from that machine. I want to make my machine a 'hole in the water', no responses whatsoever. I remember doing this on an older box, but I don't remember exactly how I did it. I think I used ipfw to send all of the traffic from that address to a non-existant machine (192.168.100.100). Ideas?
Second, has anyone written a faq or a script on how to tighten network security on the system? Scanning my machine with grc.com shows several ports still open, or at least that they exist. I want to make myself as small of a target for script-kiddies as possible. Any suggestions?
rk
1 Replies
447 Views