What block Siwecos scans/EN: Unterschied zwischen den Versionen
Petra (Diskussion | Beiträge) |
|||
Zeile 12: | Zeile 12: | ||
=== PortSentry === | === PortSentry === | ||
− | Security tools such as "PortSentry" could be a reason why our scanners cannot perform port scans (which are part of the investigation). | + | Security tools such as "PortSentry" could be a reason why our scanners cannot perform port scans (which are part of the investigation). |
To prevent own systems from getting caught by portsentry, there is the file »/etc/portsentry/portsentry.ignore.static« . Here you can define single hosts or whole networks that are spared from all countermeasures. | To prevent own systems from getting caught by portsentry, there is the file »/etc/portsentry/portsentry.ignore.static« . Here you can define single hosts or whole networks that are spared from all countermeasures. |
Aktuelle Version vom 7. Mai 2020, 10:41 Uhr
Which security tools can block Siwecos scans?
Firewall
Make sure your firewall whitelists our IP addresses.
We currently use the following IP addresses:
- 159.69.220.230 (scanner)
- 116.203.133.16 (test scanner)
PortSentry
Security tools such as "PortSentry" could be a reason why our scanners cannot perform port scans (which are part of the investigation).
To prevent own systems from getting caught by portsentry, there is the file »/etc/portsentry/portsentry.ignore.static« . Here you can define single hosts or whole networks that are spared from all countermeasures.
We currently use the following IP addresses:
- 159.69.220.230 (scanner)
- 116.203.133.16 (test scanner)