im looking for a way to prevent poeple blindly scanning the network.
Im having the standart synflood, port scan and spammer rules up and running .
But i have now scans where one ip is just running through the ip range and trying to make connections by selecting stupid/random ports looking if somebody to answers.
See attached picture.
And even if it states established i the üicture. These IPs are not used ! There is no machine answering behind this IP number.
So the question is how can i block this type of scanning ?