What block Siwecos scans/EN: Unterschied zwischen den Versionen
Petra (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „== What security tools can block Siwecos scans? == === Firewall === Make sure your firewall whitelists our IP addresses. We currently use the following IP a…“) |
|||
(Eine dazwischenliegende Version von einem anderen Benutzer wird nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
− | == | + | == Which security tools can block Siwecos scans? == |
=== Firewall === | === Firewall === | ||
Zeile 12: | Zeile 12: | ||
=== PortSentry === | === PortSentry === | ||
− | Security tools such as "PortSentry" could be a reason why our scanners cannot perform port scans (which are part of the investigation). | + | Security tools such as "PortSentry" could be a reason why our scanners cannot perform port scans (which are part of the investigation). |
To prevent own systems from getting caught by portsentry, there is the file »/etc/portsentry/portsentry.ignore.static« . Here you can define single hosts or whole networks that are spared from all countermeasures. | To prevent own systems from getting caught by portsentry, there is the file »/etc/portsentry/portsentry.ignore.static« . Here you can define single hosts or whole networks that are spared from all countermeasures. |
Aktuelle Version vom 7. Mai 2020, 10:41 Uhr
Which security tools can block Siwecos scans?
Firewall
Make sure your firewall whitelists our IP addresses.
We currently use the following IP addresses:
- 159.69.220.230 (scanner)
- 116.203.133.16 (test scanner)
PortSentry
Security tools such as "PortSentry" could be a reason why our scanners cannot perform port scans (which are part of the investigation).
To prevent own systems from getting caught by portsentry, there is the file »/etc/portsentry/portsentry.ignore.static« . Here you can define single hosts or whole networks that are spared from all countermeasures.
We currently use the following IP addresses:
- 159.69.220.230 (scanner)
- 116.203.133.16 (test scanner)