Detect port scans with nftables

OlafLostViking · 2016-02-27 17:15:00

Hey,

I want to port my pile of iptables scripts to a nice nftables configuration. What I didn't manage to achieve was to detect a port scan (f.ex. a single host connects to 3 non-used ports within an hour or so) and react appropriate (like completely blocking that host for some hours or so).

Any ideas?

Arch Linux

#1 2016-02-27 17:15:00

Detect port scans with nftables

Board footer