This is the beginning of a rule to block furtive port scanning. A furtive port scan infers which ports are open by watching which probes draw a closed-port response (a closed TCP port answers with a RST), rather than by completing connections. Two more lines are needed to complete this rule:
iptables -A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
iptables -A port-scan -j DROP
Notice that the above rule set is appending rules to a new chain called "port-scan" (a user-defined chain has to be created with iptables -N port-scan before anything can be appended to it). You don't have to name it that; it's just easier to keep things organized. The match --tcp-flags SYN,ACK,FIN,RST RST examines those four flags and fires only when RST is set and the other three are clear; -m limit --limit 1/s lets such packets RETURN to the calling chain at an average of one per second (the limit match allows an initial burst of 5 unless --limit-burst says otherwise), and anything beyond that rate falls through to the DROP rule, so the order of the two lines matters. A user-defined chain only sees traffic that is explicitly sent to it, so the last step is to route packets into these chains from a parent chain, here one called specific-rule-set, like so:
iptables -A specific-rule-set -p tcp --syn -j syn-flood
iptables -A specific-rule-set -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j port-scan
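The pieces above only work as a whole once the chains exist, are loaded in the right order and are reachable from a built-in chain. The script below is an added example, not code from the original article: it creates the syn-flood, port-scan and specific-rule-set chains with -N, flushes and deletes them first so the script can be re-run, spells out the limit match's default burst of 5, and hooks the parent chain into INPUT. The syn-flood chain body (a 1/s limit with a burst of 4), the name specific-rule-set as the parent, and INPUT as its entry point are assumptions; the page does not state them. Setting IPTABLES=echo previews the commands without touching the firewall.

```shell
#!/bin/sh
# Added example, not from the original article. Installs the syn-flood and
# port-scan chains and wires them into INPUT through "specific-rule-set".
# Assumptions not stated on the page: the parent chain name, that INPUT is the
# entry point, and the syn-flood rule (1/s with --limit-burst 4).
# Run as root with "install"; use "preview" (IPTABLES=echo) to see the commands.
IPTABLES="${IPTABLES:-iptables}"

# Flush and delete a user-defined chain if it already exists, then recreate it,
# so re-running the script does not append duplicate rules.
reset_chain() {
    chain="$1"
    $IPTABLES -F "$chain" 2>/dev/null || true
    $IPTABLES -X "$chain" 2>/dev/null || true
    $IPTABLES -N "$chain"
}

install_rules() {
    # syn-flood: RETURN one new connection per second (burst of 4), DROP the rest.
    reset_chain syn-flood
    $IPTABLES -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
    $IPTABLES -A syn-flood -j DROP

    # port-scan: of SYN,ACK,FIN,RST only RST may be set. The RETURN rule must
    # precede DROP; -m limit defaults to a burst of 5, written out explicitly.
    reset_chain port-scan
    $IPTABLES -A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST \
        -m limit --limit 1/s --limit-burst 5 -j RETURN
    $IPTABLES -A port-scan -j DROP

    # Parent chain: SYN packets go to syn-flood, RST-only packets to port-scan.
    reset_chain specific-rule-set
    $IPTABLES -A specific-rule-set -p tcp --syn -j syn-flood
    $IPTABLES -A specific-rule-set -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j port-scan

    # Jump from INPUT exactly once: -C checks for an identical existing rule.
    $IPTABLES -C INPUT -j specific-rule-set 2>/dev/null \
        || $IPTABLES -I INPUT 1 -j specific-rule-set
}

# Number of -A rules a preview would install; handy as a sanity check.
count_rules() {
    ( IPTABLES=echo; install_rules ) | grep -c '^-A '
}

case "${1:-}" in
    install) install_rules ;;
    preview) ( IPTABLES=echo; install_rules ) ;;
    *) echo "usage: $0 install|preview" >&2 ;;
esac
```

Run `sh portscan-rules.sh preview` first and check that the RETURN rule is listed before the DROP rule in each chain; with -A the order in the script is the order in the kernel.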